Principal Software Engineer, Security, Detection & Response

🕒 May 26

🍂 Massachusetts – Remote

🍂 Massachusetts – Remote

💵 $266.2k - $425.9k / year

⏰ Full Time

🔴 Lead

👮‍♂️ Cybersecurity / Security Engineer

🦅 H1B Visa Sponsor

This company has sponsored H1B visas in the past.

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

HubSpot

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

Founded 2006

🤝 B2B

☁️ SaaS

B2B • SaaS • Marketing

HubSpot is an AI-powered customer platform that combines marketing, sales, and customer service software into one integrated suite. With over 238,000 customers in 135 countries, HubSpot offers tools for marketing automation, sales management, customer service, content marketing, operations, and B2B commerce. With products like Marketing Hub, Sales Hub, Service Hub, and Content Hub, HubSpot enables businesses to generate leads, close deals, and provide excellent customer support, all while using AI to enhance operations and insights. The platform is designed to unify teams and customer data, supporting both small startups and large enterprises in their growth journey.

📋 Description

• Building strong detection foundations and response frameworks to advance HubSpot’s security posture. • Driving the development of automated detection systems and prioritizing mitigations based on current threats and coverage gaps. • Partnering closely with engineering teams to supply data for purple team exercises and implement practical solutions that mitigate risks. • Guiding architectural decisions for our corporate security logging infrastructure and SIEM. • Contributing code to security automations, reviewing designs for detection reliability, and providing technical mentorship to engineers. • Acting as a key point of contact for threat intelligence and incident response expertise. • Supporting incident response efforts by aiding in investigations and understanding bad actor behaviors.

🎯 Requirements

• 10-15 years of experience in software development and information security, with a focus on detection engineering, threat intelligence, and incident response. • Proven experience in designing and implementing automated detection systems and managing large-scale security logging infrastructure (e.g., Splunk, SIEM). • Expert knowledge of endpoint and network detection (EDR/SASE), and hands-on experience with tools like CrowdStrike Falcon for investigation and response. • Deep understanding of incident response methodologies and frameworks such as NIST 800-61, SANS, and the ability to lead high-severity CritSits. • Demonstrated experience in correlating diverse telemetry (identity, cloud, network) to detect post-entry behavior and contain threats quickly. • Experience managing and ingesting Indicators of Compromise (IOCs) and mapping actor techniques to standards like STIX/TAXII. • Excellent communication skills, with the ability to articulate complex threat landscapes to both technical and non-technical audiences. • Relevant industry certifications (e.g., GCIH, GCFA, CISSP, or vendor-specific EDR certifications).

🏖️ Benefits

• Health insurance • 401(k) matching • Flexible work arrangements • Paid time off • Professional development opportunities • Bonuses • Stock options • Equipment allowances