Senior Security Analyst

Summary

Join HubSpot as a Senior Security Analyst and contribute to strengthening our detection engineering program. You will design and implement detection logic across various security platforms, simulate attacks, and test detection effectiveness. Collaboration with engineering and incident response teams is crucial. This role involves solving complex security challenges and delivering research and features to meet team goals. The ideal candidate possesses extensive experience in detection engineering, security operations, and incident response, along with strong coding and data analysis skills. HubSpot offers a flexible work environment with opportunities for both remote work and in-person collaboration.

Requirements

• Experience building / maturing a detection engineering program
• Hands-on security operations experience working within a modern zero trust oriented cloud / SaaS-heavy environment
• Strong understanding of incident response best practices with practical experience responding to moderate to complex security incidents
• Experience identifying / building new detection use cases
• Ability to collect / analyze large sets of structured / unstructured data from disparate sources
• Solid experience using SIEM tools (Splunk) for security investigations
• Experience using various security tools (EDR, web proxy, IDaaS etc) to assist with an investigation
• Strong networking and systems knowledge with a good understanding of macOS and Windows internals
• Experience working collaboratively to define and implement security policies, procedures, and controls
• Experience providing internal security consultancy / advice to other teams within the company
• Experience writing code (Python/Java) to solve problems, facilitate easier data analysis, and to automate security tasks
• Acutely aware of industry security trends, advisories, news, and general research

Responsibilities

• Build a threat detection engineering program (full lifecycle)
• Build attack simulation scenarios, detection use cases & test their effectiveness
• Leverage an automation first mindset to work smarter / more efficiently
• Help respond when needed to critical security incidents
• Consult stakeholders on security-related subjects ranging from general OpSec, infrastructure architecture etc

Preferred Qualifications

• Deep knowledge of macOS and Windows internals and practical experience using it to secure such systems
• Experience in detection engineering processes / behaviors
• Experience monitoring / securing AWS, GCP, or Azure cloud environments
• Knowledge of containerization software and how to secure them (Docker, Kubernetes, OpenStack)
• Experience using tools like Splunk & Snowflake
• Experience using automation tools like Tines & Splunk SOAR
• Experience conducting data analysis using tools such as R, Tableau, PowerBI, Jupyter Notebook

Benefits

• Remote work, flexible hours
• In-person onboarding (required for full-time Engineering roles)
• In-person events (e.g., PEER week, Product Group Summit) for Product team roles