Senior Offensive Security Engineer II

Posted:
9/19/2024, 2:48:20 AM

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security ⋅ Software Engineering

Workplace Type:
Remote

Pay:
$101/hr or $210,080 total comp

POS-26029

 

The HubSpot Threats and Vulnerabilities team protects our customers by systematically reducing HubSpot’s attack surface and improving the maturity of HubSpot’s Product Security. We create this path forward by mapping out HubSpot’s defences, identifying and prioritizing improvements based on threat intelligence, and testing our applications and infrastructure to find and fix weaknesses. 

The team comprises highly skilled individuals experienced in the security and development of Cloud services. This team provides support and guidance across both the Product and Security organizations at HubSpot. We are looking for experienced engineers from diverse backgrounds to augment the team’s skill set and offer new perspectives on security and risk and how it relates to HubSpot’s program.

In this role, you will:

  • Guide development teams in secure development and protective measures to deter abuse or attacks
  • Provide security-focused recommendations based on threat intelligence, other real-world security events, and vulnerability assessments
  • Build secure application design standards that allow low-friction adoption by product teams
  • Lead security-focused architecture reviews and threat modeling in newly built features and existing product microservices infrastructure
  • Continuously improve HubSpot's application security program by educating developers, creating secure defaults, and increasing automated testing
  • Lead red team exercises to find weaknesses in HubSpot’s services, tools, and infrastructure
  • Maintain knowledge of the latest vulnerabilities, exploits, and the evolving threat landscape and distil that knowledge to other groups within HubSpot
  • Manage programs for bug bounty and internal and external penetration testing, ensuring vulnerabilities are identified and mitigated
  • Act as an escalation point for security incidents that require the specialized knowledge of this team
  • Drive projects and improvements that improve HubSpot’s Security and Privacy controls within the Product Organization and beyond

We are looking for people who have:

  • 10 years experience in application security, software development, or incident response
  • Previous involvement in red teaming, adversary emulation, or penetration testing
  • Experience working with at least one programming language (Java, C#, Python etc)
  • Experience with secure development practices, public cloud, and network security
  • Familiarity with security monitoring tools and investigation tools such as Splunk and Kibana
  • Ability to communicate information about security and risk to a diverse audience

We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.

 

If you need accommodations or assistance due to a disability, please reach out to us using this form. This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.

 

 

Germany Applicants: (m/f/d) - link to HubSpot's Career Diversity page here.

India Applicants: link to HubSpot India's equal opportunity policy here.

 

About HubSpot

HubSpot (NYSE: HUBS) is a leading customer relationship management (CRM) platform that provides software and support to help businesses grow better. We build marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth. We’re also building a company culture that empowers people to do their best work. If that sounds like something you’d like to be part of, we’d love to hear from you.

You can find out more about our company culture in the HubSpot Culture Code, which has more than 5M views, and learn about our commitment to creating a diverse and inclusive workplace, too. Thanks to the work of every employee globally, HubSpot was named the #2 Best Place to Work on Glassdoor in 2022 and has been recognized for its award-winning culture by Great Place to Work, Comparably, Fortune, Entrepreneur, Inc., and more.

Headquartered in Cambridge, Massachusetts, HubSpot was founded in 2006. Today, thousands of employees across the globe work remotely and in HubSpot offices. Visit our careers website to learn more about the culture and opportunities at HubSpot. 

By submitting your application, you agree that HubSpot may collect your personal data for recruiting, global organization planning, and related purposes. HubSpot's Privacy Notice explains what personal information we may process, where we may process your personal information, our purposes for processing your personal information, and the rights you can exercise over HubSpot’s use of your personal information. 

HubSpot

Website: http://www.hubspot.com/

Headquarter Location: Cambridge, Massachusetts, United States

Employee Count: 1001-5000

Year Founded: 2006

IPO Status: Public

Last Funding Type: Series E

Related Postings

Engineering Manager - Python, Risk

Akuna Capital5/17/2024 ⋅ United States

Software Engineer - Cloud Email Security (CES)

Cloudflare2/14/2024 ⋅ United States

Application Support Engineer

Accenture9/6/2024 ⋅ India

Apprenti Canalisateur (H/F)

Eiffage3/26/2024 ⋅ France

Técnico de Desarrollo SDI

iOSCM6/18/2024 ⋅ Mexico

Notify

Get a jumpstart on your goals with Notify, the app that ensures you're the first to apply for new job openings!

postings

our prices

login

contact us

privacy policy

Copyright © 2024 Notify