Principal Software Engineer, Security, Detection & Response
Apply for this position → Go ad-free with PremiumHubSpot is looking for a talented Principal Software Engineer to shape and deliver advanced detection engineering, threat intelligence, and incident response solutions supporting our growing platform. In this pivotal org-impacting role, you will use your extensive hands-on engineering experience to influence the technical direction of our detection and response capabilities, implement best-in-class security practices, and help attain high standards for operational excellence. You’ll tackle challenging problems and partner closely with cross-functional peers, making a tangible impact on our defenses and resilience.
At HubSpot, security isn’t just a checkbox—it’s woven into everything we do. By building robust detection foundations and scalable response systems, you’ll be enabling our teams and customers to grow better, together. If you’re motivated to strengthen threat detection and response for millions of organizations at scale, you’ll find this opportunity exciting!
Responsibilities
As a Principal Software Engineer, you will play a leading role in building strong detection foundations and response frameworks to advance HubSpot’s security posture. You will be a trusted technical leader, driving the development of automated detection systems and prioritizing mitigations based on current threats and coverage gaps. You will partner closely with engineering teams to supply data for purple team exercises and implement practical solutions that mitigate risks. Your deep technical knowledge will help guide architectural decisions for our corporate security logging infrastructure and SIEM. Day-to-day, you’ll contribute code to security automations, review designs for detection reliability, and provide technical mentorship to engineers—championing detection-in-depth in everything we do.
You’ll act as a key point of contact for threat intelligence and incident response expertise—ensuring that HubSpot’s products meet both internal guardrails and external customer trust needs. You will support incident response efforts by aiding in investigations, understanding bad actor behaviors, and proactively anticipating future actions. You will work closely with product managers and legal/privacy partners to ensure incident response standards like NIST and SANS are woven into our lifecycle. You will also produce actionable intelligence by filtering and correlating data from indicators of compromise (IOCs) using platforms like Splunk and CrowdStrike.
The secure systems and practices you establish will have a real and lasting impact on upholding the integrity of the data entrusted to HubSpot. By evaluating customer impact on threats and maintaining relationships with industry contacts for intelligence sharing, you will directly contribute to a secure experience for every customer—enabling them to focus on running and growing their business with confidence.
Key Expectations
We are looking for an experienced and forward-thinking security leader with the following qualifications:
- 10-15 years of experience in software development and information security, with a focus on detection engineering, threat intelligence, and incident response.
- Proven experience in designing and implementing automated detection systems and managing large-scale security logging infrastructure (e.g., Splunk, SIEM).
- Expert knowledge of endpoint and network detection (EDR/SASE), and hands-on experience with tools like CrowdStrike Falcon for investigation and response.
- Deep understanding of incident response methodologies and frameworks such as NIST 800-61, SANS, and the ability to lead high-severity CritSits.
- Demonstrated experience in correlating diverse telemetry (identity, cloud, network) to detect post-entry behavior and contain threats quickly.
- Experience managing and ingesting Indicators of Compromise (IOCs) and mapping actor techniques to standards like STIX/TAXII.
- Excellent communication skills, with the ability to articulate complex threat landscapes to both technical and non-technical audiences.
- Relevant industry certifications (e.g., GCIH, GCFA, CISSP, or vendor-specific EDR certifications).
Pay & Benefits
The cash compensation below includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation, some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are tailored to your skills, experience, qualifications, and other job-related reasons.
This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy.
Benefits are also an important piece of your total compensation package. Explore the benefits and perks HubSpot offers to help employees grow better.
At HubSpot, fair compensation practices aren’t just about checking off the box for legal compliance. It’s about living out our value of transparency with our employees, candidates, and community.
We know the confidence gap and impostor syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.
If you need accommodations or assistance due to a disability, please reach out to us using this form.
At HubSpot, we value both flexibility and connection. Whether you’re a Remote employee or work from the Office, we want you to start your journey here by building strong connections with your team and peers. If you are joining our Engineering team, you will be required to attend a regional HubSpot office for in-person onboarding. If you join our broader Product team, you’ll also attend other in-person events, such as your Product Group Summit and other gatherings, to continue building on those connections.
If you require an accommodation due to travel limitations or other reasons, please inform your recruiter during the hiring process. We are committed to supporting candidates who may need alternative arrangements
Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Germany Applicants: (m/f/d) - link to HubSpot's Career Diversity page here.
India Applicants: link to HubSpot India's equal opportunity policy here.
About HubSpot
HubSpot (NYSE: HUBS) is an AI-powered customer platform with all the software, integrations, and resources customers need to connect marketing, sales, and service. HubSpot's connected platform enables businesses to grow faster by focusing on what matters most: customers.
At HubSpot, bold is our baseline. Our employees around the globe move fast, stay customer-obsessed, and win together. Our culture is grounded in four commitments: Solve for the Customer, Be Bold, Learn Fast, Align, Adapt & Go!, and Deliver with HEART. These commitments shape how we work, lead, and grow.
We’re building a company where people can do their best work. We focus on brilliant work, not badge swipes. By combining clarity, ownership, and trust, we create space for big thinking and meaningful progress. And we know that when our employees grow, our customers do too.
Recognized globally for our award-winning culture by Comparably, Glassdoor, Fortune, and more, HubSpot is headquartered in Cambridge, MA, with employees and offices around the world.
Explore more:
HubSpot may use AI to help screen or assess candidates, but all hiring decisions are always human. More information can be found here. By submitting your application, you agree that HubSpot may collect your personal data for recruiting, global organization planning, and related purposes. We may use CLEAR ID Verification during the hiring process to confirm your identity and help maintain a safe, secure, and trusted experience for all candidates. Refer to HubSpot's Recruiting Privacy Notice for details on data processing and your rights.
Similar Jobs
Senior Software Engineer
Keyfactor, Inc. · Canada,USA
Staff Software Engineer - Grafana Cloud k6
Grafana Labs · USA - East,USA - Central
Software Engineer
Twilio · USA
Software Engineer, CDN Security
Vercel · USA
Principal Analytics Engineer
Elastic · USA
Principal Software Engineer, Security, Detection & Response
HubSpot is looking for a talented Principal Software Engineer to shape and deliver advanced detection engineering, threat intelligence, and incident response solutions supporting our growing platform. In this pivotal org-impacting role, you will use your extensive hands-on engineering experience to influence the technical direction of our detection and response capabilities, implement best-in-class security practices, and help attain high standards for operational excellence. You’ll tackle challenging problems and partner closely with cross-functional peers, making a tangible impact on our defenses and resilience.
At HubSpot, security isn’t just a checkbox—it’s woven into everything we do. By building robust detection foundations and scalable response systems, you’ll be enabling our teams and customers to grow better, together. If you’re motivated to strengthen threat detection and response for millions of organizations at scale, you’ll find this opportunity exciting!
Responsibilities
As a Principal Software Engineer, you will play a leading role in building strong detection foundations and response frameworks to advance HubSpot’s security posture. You will be a trusted technical leader, driving the development of automated detection systems and prioritizing mitigations based on current threats and coverage gaps. You will partner closely with engineering teams to supply data for purple team exercises and implement practical solutions that mitigate risks. Your deep technical knowledge will help guide architectural decisions for our corporate security logging infrastructure and SIEM. Day-to-day, you’ll contribute code to security automations, review designs for detection reliability, and provide technical mentorship to engineers—championing detection-in-depth in everything we do.
You’ll act as a key point of contact for threat intelligence and incident response expertise—ensuring that HubSpot’s products meet both internal guardrails and external customer trust needs. You will support incident response efforts by aiding in investigations, understanding bad actor behaviors, and proactively anticipating future actions. You will work closely with product managers and legal/privacy partners to ensure incident response standards like NIST and SANS are woven into our lifecycle. You will also produce actionable intelligence by filtering and correlating data from indicators of compromise (IOCs) using platforms like Splunk and CrowdStrike.
The secure systems and practices you establish will have a real and lasting impact on upholding the integrity of the data entrusted to HubSpot. By evaluating customer impact on threats and maintaining relationships with industry contacts for intelligence sharing, you will directly contribute to a secure experience for every customer—enabling them to focus on running and growing their business with confidence.
Key Expectations
We are looking for an experienced and forward-thinking security leader with the following qualifications:
- 10-15 years of experience in software development and information security, with a focus on detection engineering, threat intelligence, and incident response.
- Proven experience in designing and implementing automated detection systems and managing large-scale security logging infrastructure (e.g., Splunk, SIEM).
- Expert knowledge of endpoint and network detection (EDR/SASE), and hands-on experience with tools like CrowdStrike Falcon for investigation and response.
- Deep understanding of incident response methodologies and frameworks such as NIST 800-61, SANS, and the ability to lead high-severity CritSits.
- Demonstrated experience in correlating diverse telemetry (identity, cloud, network) to detect post-entry behavior and contain threats quickly.
- Experience managing and ingesting Indicators of Compromise (IOCs) and mapping actor techniques to standards like STIX/TAXII.
- Excellent communication skills, with the ability to articulate complex threat landscapes to both technical and non-technical audiences.
- Relevant industry certifications (e.g., GCIH, GCFA, CISSP, or vendor-specific EDR certifications).
Pay & Benefits
The cash compensation below includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation, some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are tailored to your skills, experience, qualifications, and other job-related reasons.
This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy.
Benefits are also an important piece of your total compensation package. Explore the benefits and perks HubSpot offers to help employees grow better.
At HubSpot, fair compensation practices aren’t just about checking off the box for legal compliance. It’s about living out our value of transparency with our employees, candidates, and community.
We know the confidence gap and impostor syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.
If you need accommodations or assistance due to a disability, please reach out to us using this form.
At HubSpot, we value both flexibility and connection. Whether you’re a Remote employee or work from the Office, we want you to start your journey here by building strong connections with your team and peers. If you are joining our Engineering team, you will be required to attend a regional HubSpot office for in-person onboarding. If you join our broader Product team, you’ll also attend other in-person events, such as your Product Group Summit and other gatherings, to continue building on those connections.
If you require an accommodation due to travel limitations or other reasons, please inform your recruiter during the hiring process. We are committed to supporting candidates who may need alternative arrangements
Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.
Germany Applicants: (m/f/d) - link to HubSpot's Career Diversity page here.
India Applicants: link to HubSpot India's equal opportunity policy here.
About HubSpot
HubSpot (NYSE: HUBS) is an AI-powered customer platform with all the software, integrations, and resources customers need to connect marketing, sales, and service. HubSpot's connected platform enables businesses to grow faster by focusing on what matters most: customers.
At HubSpot, bold is our baseline. Our employees around the globe move fast, stay customer-obsessed, and win together. Our culture is grounded in four commitments: Solve for the Customer, Be Bold, Learn Fast, Align, Adapt & Go!, and Deliver with HEART. These commitments shape how we work, lead, and grow.
We’re building a company where people can do their best work. We focus on brilliant work, not badge swipes. By combining clarity, ownership, and trust, we create space for big thinking and meaningful progress. And we know that when our employees grow, our customers do too.
Recognized globally for our award-winning culture by Comparably, Glassdoor, Fortune, and more, HubSpot is headquartered in Cambridge, MA, with employees and offices around the world.
Explore more:
HubSpot may use AI to help screen or assess candidates, but all hiring decisions are always human. More information can be found here. By submitting your application, you agree that HubSpot may collect your personal data for recruiting, global organization planning, and related purposes. We may use CLEAR ID Verification during the hiring process to confirm your identity and help maintain a safe, secure, and trusted experience for all candidates. Refer to HubSpot's Recruiting Privacy Notice for details on data processing and your rights.
Similar Jobs
Senior Software Engineer
Keyfactor, Inc. · Canada,USA
Staff Software Engineer - Grafana Cloud k6
Grafana Labs · USA - East,USA - Central
Software Engineer
Twilio · USA
Software Engineer, CDN Security
Vercel · USA
Principal Analytics Engineer
Elastic · USA