Senior Security Analyst

HubSpot
Summary
Join HubSpot as a Senior Security Analyst and enhance our security operations by developing and refining threat detection logic using Splunk. You will simulate attacks, collaborate with incident response and engineering teams, and leverage AI/ML to advance detection capabilities. Responsibilities include developing threat detection strategies, engineering Splunk solutions, integrating AI/ML for enhanced detection, supporting incident response, and providing security consultation. The ideal candidate possesses 5+ years of experience in security operations with advanced Splunk expertise and strong knowledge of network protocols. Coding skills and a demonstrable understanding of AI/ML applications in cybersecurity are essential. HubSpot offers a flexible work environment with opportunities for both remote work and in-person collaboration.
Requirements
- 5+ years in security operations with proven ability in detection engineering, incident response, and threat hunting in cloud-native (AWS, GCP, Azure) and SaaS environments built on zero-trust principles
- Advanced Splunk expertise (complex SPL, data models, dashboards, alerts)
- Strong knowledge of network protocols and OS internals (macOS, Linux, Windows)
- Proficiency with security tools (e.g., EDR, XDR, CASB, SOAR) and analyzing large datasets
- Coding skills (e.g., Python, PowerShell) for automation and data analysis
- Demonstrable understanding and passion for AI/ML applications in cybersecurity
- Continuous learner with strong problem-solving and collaboration skills
Responsibilities
- Develop, test, and refine threat detection strategies and use cases using threat intelligence (e.g., MITRE ATT&CK) and attack simulations
- Engineer advanced Splunk solutions (SPL queries, dashboards, reports) for threat detection, contextualization, and automated workflows
- Champion and integrate AI/ML to enhance detection accuracy, automate responses, and reduce mean time to detect (MTTD) and mean time to respond (MTTR)
- Support critical incident response efforts with investigation, containment, and remediation
- Provide security consultation to internal teams on operational security (OpSec), secure infrastructure design, and risk mitigation
Preferred Qualifications
- Deep understanding of macOS/Linux internals for forensic analysis
- Mastery of the full detection engineering lifecycle, from threat modeling to refinement
- Experience developing custom Splunk applications (apps, technology add-ons/TAs) or applying AI/ML models (MLOps a plus)
- Proven success in implementing automation (e.g., SOAR playbooks) to scale security operations
- Experience leading security assessments (e.g., penetration testing, red/purple teaming)
- A portfolio of independent research, tool development, or security community contributions
- Passion for mentoring and knowledge sharing
Benefits
Remote work, flexible hours