Note: The job is a remote job and is open to candidates in USA. HubSpot is looking for a talented Principal Software Engineer to shape and deliver advanced detection engineering, threat intelligence, and incident response solutions supporting our growing platform. In this pivotal org-impacting role, you will use your extensive hands-on engineering experience to influence the technical direction of our detection and response capabilities, implement best-in-class security practices, and help attain high standards for operational excellence.
Responsibilities
- As a Principal Software Engineer, you will play a leading role in building strong detection foundations and response frameworks to advance HubSpot’s security posture
- You will be a trusted technical leader, driving the development of automated detection systems and prioritizing mitigations based on current threats and coverage gaps
- You will partner closely with engineering teams to supply data for purple team exercises and implement practical solutions that mitigate risks
- Your deep technical knowledge will help guide architectural decisions for our corporate security logging infrastructure and SIEM
- Day-to-day, you’ll contribute code to security automations, review designs for detection reliability, and provide technical mentorship to engineers—championing detection-in-depth in everything we do
- You’ll act as a key point of contact for threat intelligence and incident response expertise—ensuring that HubSpot’s products meet both internal guardrails and external customer trust needs
- You will support incident response efforts by aiding in investigations, understanding bad actor behaviors, and proactively anticipating future actions
- You will work closely with product managers and legal/privacy partners to ensure incident response standards like NIST and SANS are woven into our lifecycle
- You will also produce actionable intelligence by filtering and correlating data from indicators of compromise (IOCs) using platforms like Splunk and CrowdStrike
- The secure systems and practices you establish will have a real and lasting impact on upholding the integrity of the data entrusted to HubSpot
- By evaluating customer impact on threats and maintaining relationships with industry contacts for intelligence sharing, you will directly contribute to a secure experience for every customer—enabling them to focus on running and growing their business with confidence
Skills
- 10-15 years of experience in software development and information security, with a focus on detection engineering, threat intelligence, and incident response
- Proven experience in designing and implementing automated detection systems and managing large-scale security logging infrastructure (e.g., Splunk, SIEM)
- Expert knowledge of endpoint and network detection (EDR/SASE), and hands-on experience with tools like CrowdStrike Falcon for investigation and response
- Deep understanding of incident response methodologies and frameworks such as NIST 800-61, SANS, and the ability to lead high-severity CritSits
- Demonstrated experience in correlating diverse telemetry (identity, cloud, network) to detect post-entry behavior and contain threats quickly
- Experience managing and ingesting Indicators of Compromise (IOCs) and mapping actor techniques to standards like STIX/TAXII
- Excellent communication skills, with the ability to articulate complex threat landscapes to both technical and non-technical audiences
- Relevant industry certifications (e.g., GCIH, GCFA, CISSP, or vendor-specific EDR certifications)
Benefits
- On-target commission for employees in eligible roles
- Annual bonus targets under HubSpot’s bonus plan for eligible roles
- Eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs)
- Some roles may also be eligible for overtime pay
- Individual compensation packages are tailored to your skills, experience, qualifications, and other job-related reasons
- Benefits are also an important piece of your total compensation package
- Remote employee or work from the Office
- Required to attend a regional HubSpot office for in-person onboarding
- Attend other in-person events, such as your Product Group Summit and other gatherings, to continue building on those connections
- If you require an accommodation due to travel limitations or other reasons, please inform your recruiter during the hiring process
Company Overview
Company H1B Sponsorship