Senior Offensive Security Engineer

Requirements

• 5 or more years experience in application security, threat Intelligence or incident response
• Previous involvement in red teaming, adversary emulation, or penetration testing
• Experience working with at least one programming language (Java, C#, Python etc)
• Understanding of secure development practices, public cloud, and network security
• Familiarity with security monitoring tools and investigation tools such as Splunk and Kibana
• Ability to communicate information about security and risk to a diverse audience

What You'll Be Doing

• Continuously measure HubSpot’s application security defences, highlighting areas of strength and weakness
• Provide security-focused recommendations based on threat intelligence and vulnerability assessments
• Participate in red team exercises to find weaknesses in HubSpot’s products and tools
• Maintain knowledge of the latest vulnerabilities, exploits, and the evolving threat landscape and distil that knowledge to other groups within HubSpot
• Manage programs for bug bounty and internal and external penetration testing, ensuring vulnerabilities are identified and mitigated
• Act as an escalation point for security incidents that require the specialized knowledge of this team
• Conduct research on campaigns and actors through technical analysis of data
• Drive projects and improvements that improve HubSpot’s Security and Privacy controls within the Product Organization and beyond

Nice to Haves

• No additional nice to have requirements provided

Perks and Benefits

• No specific perks and benefits mentioned