Remote Senior Offensive Security Engineer
closedHubSpot
Job highlights
Summary
Join HubSpot's Threats and Vulnerabilities team and contribute to protecting our customers by systematically reducing HubSpot’s attack surface and improving the maturity of HubSpot’s Product Security. You will continuously measure HubSpot’s application security defenses, provide security-focused recommendations, participate in red team exercises, and maintain knowledge of the latest vulnerabilities. This role involves managing bug bounty programs, acting as an escalation point for security incidents, conducting research on campaigns, and driving projects to improve HubSpot’s Security and Privacy controls. The ideal candidate possesses 5+ years of experience in application security, threat intelligence, or incident response, along with red teaming or penetration testing experience. HubSpot values flexibility and offers a supportive work environment.
Requirements
- 5 or more years experience in application security, threat Intelligence or incident response
- Previous involvement in red teaming, adversary emulation, or penetration testing
- Experience working with at least one programming language (Java, C#, Python etc)
- Understanding of secure development practices, public cloud, and network security
- Familiarity with security monitoring tools and investigation tools such as Splunk and Kibana
- Ability to communicate information about security and risk to a diverse audience
Responsibilities
- Continuously measure HubSpot’s application security defences, highlighting areas of strength and weakness
- Provide security-focused recommendations based on threat intelligence and vulnerability assessments
- Participate in red team exercises to find weaknesses in HubSpot’s products and tools
- Maintain knowledge of the latest vulnerabilities, exploits, and the evolving threat landscape and distil that knowledge to other groups within HubSpot
- Manage programs for bug bounty and internal and external penetration testing, ensuring vulnerabilities are identified and mitigated
- Act as an escalation point for security incidents that require the specialized knowledge of this team
- Conduct research on campaigns and actors through technical analysis of data
- Drive projects and improvements that improve HubSpot’s Security and Privacy controls within the Product Organization and beyond
Benefits
- Remote work, flexible hours
- In-person onboarding (required for full-time Engineering roles)
- In-person events (e.g., PEER week, Product Group Summit) for Product team roles
Similar Remote Jobs
- đź’°$120k-$175kđź“ŤUnited States, Canada
- đź“ŤUnited States, Canada
- đź“ŤUnited States, Canada
- đź“ŤUnited States
- đź’°$200k-$230kđź“ŤWorldwide
- đź’°$120k-$175kđź“ŤUnited States, Canada
- đź“ŤUnited States, Canada
- đź“ŤUnited States
- đź’°$128k-$176kđź“ŤUnited States
- đź’°$150k-$200kđź“ŤUnited States