Skip to main content
TryApplyNow
Mrbeastyoutube logo

Principal Compliance & Security Engineer

Mrbeastyoutube
Full Timeprincipal
San FranciscoPosted Yesterday

Role Overview

Mrbeastyoutube is hiring a Principal Compliance & Security Engineer. This is a full-time role in San Francisco. Part of Mrbeastyoutube's Security hiring, posted yesterday. Full responsibilities, required qualifications, and the apply link are listed in the description below.

Salary Context

Salary is not disclosed in this posting. Market median for Principal-level Security roles is $120k-$308k (based on 11 comparable listings). Many employers share specifics during the interview process or after an initial screen.

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

AWSGCPTerraformORBenefitsComplianceGDPRCCPA

Job description

About Us

Beast Industries is a multifaceted media and entertainment company founded by Jimmy Donaldson, popularly known as MrBeast, the most watched person in the world. Renowned for revolutionizing digital content creation, Beast Industries encompasses a diverse portfolio of ventures that extend far beyond its origins on YouTube. With a mission to entertain, inspire, and create significant social impact, Beast Industries operates across various domains including digital media, philanthropy, consumer products, and innovative business initiatives. At Beast Industries, we believe in the transformative power of digital media and its potential to entertain, educate, and effect positive change. Our commitment to innovation, creativity, and philanthropy drives us to explore new frontiers, create unforgettable experiences, and build a legacy that inspires future generations.

Principal Compliance & Security Engineer

Primary: Bay Area (San Francisco / Peninsula)   |   Secondary: NYC

 

The Opportunity

We're doing an AI-first engineering rebuild for a company that already has an audience of 100M+ people. This is a zero-to-one build with no legacy constraints, which means you get to stand up the security and compliance foundation correctly from the start. The stakes here are concrete: Step handles money and serves minors, Feastables carries consumer and supply-chain data, and the media business ships fast and constantly. You're here to make regulated products shippable without slowing them down.

The Mandate

You'll be a single principal-level IC bridging two disciplines that usually live on separate teams: security engineering (threat modeling, vulnerability management, hardening, incident response) and compliance engineering (control design, audit evidence, framework mapping across SOC 2, PCI DSS, COPPA, and privacy law). That means:

  • Own the security architecture and the technical compliance posture across Step, Feastables, and the media org.
  • Build one control framework, with each control mapped to the regulation it satisfies (PCI DSS, COPPA, GDPR/CCPA, SOC 2).
  • Make compliance continuous by automating evidence collection and control monitoring, not a once-a-year scramble.

What You'll Do

  • Set the security standards other engineers build against across cloud infrastructure, applications, and data systems.
  • Lead threat modeling and security reviews for high-risk products, especially Step's payment and account systems and anything touching minors' data.
  • Run the vulnerability management program and drive remediation to closure with the teams that own the systems.
  • Build and own incident response: detection, playbooks, escalation, post-incident review, and breach-notification readiness.
  • Act as technical lead during PCI DSS and SOC 2 audits, and represent Beast with auditors, regulators, and partners.
  • Translate regulatory requirements into engineering work teams can act on, and advise leaders on risk tradeoffs in plain terms.
  • Define secure-by-default patterns and paved paths so most teams meet requirements without one-off review.

Who You Are

  • AI-Native: You're already using AI daily and bringing it into security work where it earns its place, from automation to evidence pipelines.
  • Security + Compliance Hybrid: Around 15 years of combined security engineering and compliance experience, with proven ownership of PCI DSS and SOC 2 in production, from control design through a successful audit.
  • Applied and Hands-On: Strong cloud security (AWS/GCP), application security, threat modeling, and incident response, with the ability to read and reason about code.
  • Trusted on Risk: You say no clearly when risk warrants it and explain the tradeoff in terms the business can act on, you treat minors' data and customer money as the highest bar, and you influence through evidence, not title.

Working knowledge of privacy and minor-protection regulation (COPPA, GDPR, CCPA) and how it maps to technical controls. Bonus points for fintech or payments experience (money movement, KYC), security automation and infrastructure-as-code (Terraform, policy-as-code), relevant certifications (CISSP, CCSP, OSCP), and standing up a security or compliance function from an early stage.

Benefits

  • Equity: Highly competitive equity package designed for a foundational hire.
  • Hybrid Model: Expected ~3 days per week in-office (Bay Area or NYC).

 

Benefits

The Perks, Why Work On the MrBeast Team

We are redefining what entertainment and storytelling look like at global scale. Every piece of content we publish reaches millions and influences culture in real time. This is your opportunity to lead the team that decides how those moments come to life across every screen.

  • Competitive Salary
  • Generous Medical (Blue Cross Blue Shield), Dental, Vision and company-paid Life Insurance 
  • Company contributions to employee Health Savings Accounts (HSA) 
  • 401k Plan with Safe Harbor company-matching
  • Flexible vacation policy and paid company holidays
  • Company-provided technology package 
  • Relocation assistance where applicable, including travel and company-provided housing for the first 90 days

About Mrbeastyoutube

Mrbeastyoutube logo

Mrbeastyoutube

SecurityOn-site

72 other open roles at Mrbeastyoutube on TryApplyNow.

Frequently Asked Questions

How do I apply for the Principal Compliance & Security Engineer position at Mrbeastyoutube?

Use the Apply button above to submit your application directly to Mrbeastyoutube. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.

Where is the Principal Compliance & Security Engineer position at Mrbeastyoutube located?

This position is based in San Francisco. Mrbeastyoutube has not indicated remote or hybrid options for this role, so candidates should plan for on-site work.

What does a Principal Compliance & Security Engineer at Mrbeastyoutube earn?

Mrbeastyoutube has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.

When was the Principal Compliance & Security Engineer role at Mrbeastyoutube posted?

This role was posted on July 8, 2026 (yesterday). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.

AI-powered job search

Get every job scored to your resume

Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.

Get started free

No credit card to start