Principal Security Engineer

Posted March 02, 2026
Full-time

Job Overview

Join us in redefining the creator economy with AI

Fanvue is one of the fastest-growing creator monetisation platforms globally. We're an AI-powered, creator-first platform helping creators connect, engage, and earn directly from their audiences at scale. Following our recent Series A, Fanvue has surpassed $100M+ in annual recurring revenue, with triple-digit year-on-year growth, supporting hundreds of thousands of creators and millions of fans worldwide.

As Fanvue scales, security becomes one of the most critical functions in the company. This role exists to own and build our security posture from the ground up — across infrastructure, application, payments, and compliance — and help protect how hundreds of thousands of creators and millions of fans use Fanvue.

🎯 The Role

You will be the single-threaded owner of security at Fanvue. You'll design and implement controls across our AWS infrastructure, application layer, CI/CD pipelines, and payment flows. You'll drive SOC 2 Type II and PCI DSS compliance, build an incident response capability, and establish a security champion network across every engineering stream. This is a high-ownership, hands-on role where you shape how security works across the entire company. If you want to build a security function, not just inherit one, this is it.

🚀 What You'll Do

  • Design and implement security controls across AWS infrastructure, application layer, CI/CD pipelines, and payment flows

  • Write RFCs/ADRs for security architecture decisions; maintain the security chapter in the engineering-rfcs-and-adrs repo

  • Establish and run a security champion network across Platform, Growth, AI, Creator Earnings, and other engineering streams, including weekly security office hours

  • Own the SOC 2 Type II and PCI DSS roadmap and execution — manage auditor relationships, evidence collection, and remediation tracking

  • Conduct threat modelling for new features including iframe patterns, AI Creator Studio integrations, and live streaming surfaces

  • Perform hands-on security reviews: IAM policies, secrets management, API authorisation, data encryption, and vendor contracts

  • Build incident response playbooks and run quarterly tabletop exercises with the on-call rotation

  • Partner with Legal on compliance across PCI DSS, GDPR, age verification, and content moderation policy

  • Configure and tune SIEM, vulnerability scanning, and dependency checks — own alerting and response

  • Review PRs for security-critical changes and embed security gates into the project checklist

👀 Who You Are

  • A senior security engineer with 8+ years of experience, including 3+ years as the solo or founding security hire at a scaling company

  • Deep AWS security expertise: IAM, GuardDuty, Security Hub, VPC design, service control policies, and multi-account strategy

  • Strong application security fundamentals: OWASP, OAuth/OIDC, API authorisation, cryptography, and secrets management

  • Hands-on compliance experience — SOC 2, PCI DSS Level 1, GDPR and data residency

  • Proficient in TypeScript; can read and review application code for vulnerabilities

  • A track record of writing clear technical documentation — HLDs, RFCs, and runbooks that others can actually follow

  • Comfortable with infrastructure as code (CDK/Terraform), CI/CD security, and container scanning

  • Experience building a security champion programme and influencing cross-functionally without formal authority

✨ You'll Thrive Here If

  • You want to build the security function from scratch, not maintain someone else's

  • You are energised by breadth — infrastructure, application, compliance, and culture all in one role

  • You are hands-on first: you write code, review PRs, and get into the detail before delegating

  • You communicate security risk in business terms, not just technical ones

  • You are excited by the pace and ambiguity of a high-growth startup

⚠️ You'll Struggle Here If

  • You prefer to work within an established security team with defined scope

  • You are more comfortable writing policies than implementing controls

  • You need everything documented before you can act

  • You treat compliance as a checkbox exercise rather than a genuine risk reduction effort

🌍 Why Join Fanvue

  • Competitive salary

  • Ownership from day one

  • Fast-moving team with real autonomy

  • Direct line of sight to outcomes and visible impact

  • AI-native working environment

  • Access to gyms, studios, wellbeing partners, and premium wellbeing apps

  • Recognised in the Sunday Times Best Places to Work

  • Winner of an International Business award for fastest-growing company

⭐ Fanvue is for Everyone

We believe diverse teams build better products, and if you are excited by the role but do not tick every box, we still encourage you to apply. We hire on potential, mindset, and what you will build — not just where you have been.
