Senior Offensive Security Engineer II
Go ad-free with PremiumTo see similar active jobs please follow this link: Remote Development jobs
POS-26029
The HubSpot Threats and Vulnerabilities team protects our customers by systematically reducing HubSpot’s attack surface and improving the maturity of HubSpot’s Product Security. We create this path forward by mapping out HubSpot’s defences, identifying and prioritizing improvements based on threat intelligence, and testing our applications and infrastructure to find and fix weaknesses.
The team comprises highly skilled individuals experienced in the security and development of Cloud services. This team provides support and guidance across both the Product and Security organizations at HubSpot. We are looking for experienced engineers from diverse backgrounds to augment the team’s skill set and offer new perspectives on security and risk and how it relates to HubSpot’s program.
In this role, you will:
Guide development teams in secure development and protective measures to deter abuse or attacks
Provide security-focused recommendations based on threat intelligence, other real-world security events, and vulnerability assessments
Build secure application design standards that allow low-friction adoption by product teams
Lead security-focused architecture reviews and threat modeling in newly built features and existing product microservices infrastructure
Continuously improve HubSpot's application security program by educating developers, creating secure defaults, and increasing automated testing
Lead red team exercises to find weaknesses in HubSpot’s services, tools, and infrastructure
Maintain knowledge of the latest vulnerabilities, exploits, and the evolving threat landscape and distil that knowledge to other groups within HubSpot
Manage programs for bug bounty and internal and external penetration testing, ensuring vulnerabilities are identified and mitigated
Act as an escalation point for security incidents that require the specialized knowledge of this team
Drive projects and improvements that improve HubSpot’s Security and Privacy controls within the Product Organization and beyond
We are looking for people who have:
10 years experience in application security, software development, or incident response
Previous involvement in red teaming, adversary emulation, or penetration testing
Experience working with at least one programming language (Java, C#, Python etc)
Experience with secure development practices, public cloud, and network security
Familiarity with security monitoring tools and investigation tools such as Splunk and Kibana
Ability to communicate information about security and risk to a diverse audience
Senior Offensive Security Engineer II
To see similar active jobs please follow this link: Remote Development jobs
POS-26029
The HubSpot Threats and Vulnerabilities team protects our customers by systematically reducing HubSpot’s attack surface and improving the maturity of HubSpot’s Product Security. We create this path forward by mapping out HubSpot’s defences, identifying and prioritizing improvements based on threat intelligence, and testing our applications and infrastructure to find and fix weaknesses.
The team comprises highly skilled individuals experienced in the security and development of Cloud services. This team provides support and guidance across both the Product and Security organizations at HubSpot. We are looking for experienced engineers from diverse backgrounds to augment the team’s skill set and offer new perspectives on security and risk and how it relates to HubSpot’s program.
In this role, you will:
Guide development teams in secure development and protective measures to deter abuse or attacks
Provide security-focused recommendations based on threat intelligence, other real-world security events, and vulnerability assessments
Build secure application design standards that allow low-friction adoption by product teams
Lead security-focused architecture reviews and threat modeling in newly built features and existing product microservices infrastructure
Continuously improve HubSpot's application security program by educating developers, creating secure defaults, and increasing automated testing
Lead red team exercises to find weaknesses in HubSpot’s services, tools, and infrastructure
Maintain knowledge of the latest vulnerabilities, exploits, and the evolving threat landscape and distil that knowledge to other groups within HubSpot
Manage programs for bug bounty and internal and external penetration testing, ensuring vulnerabilities are identified and mitigated
Act as an escalation point for security incidents that require the specialized knowledge of this team
Drive projects and improvements that improve HubSpot’s Security and Privacy controls within the Product Organization and beyond
We are looking for people who have:
10 years experience in application security, software development, or incident response
Previous involvement in red teaming, adversary emulation, or penetration testing
Experience working with at least one programming language (Java, C#, Python etc)
Experience with secure development practices, public cloud, and network security
Familiarity with security monitoring tools and investigation tools such as Splunk and Kibana
Ability to communicate information about security and risk to a diverse audience