Principal Software Engineer, Security
Responsibilities
- Play a leading role in building strong security foundations to advance HubSpot’s security posture.
- Drive the development and improvement of secure software systems as a trusted technical leader within your organization.
- Partner closely with engineering and security teams to implement practical, hands-on solutions that mitigate risks and strengthen product offerings.
- Guide architectural decisions and establish best practices across projects in your org.
- Contribute code, review designs, and provide technical mentorship to engineers, championing security in everything we do.
- Act as a key point of contact for security expertise within the org, ensuring HubSpot’s products meet both internal guardrails and external customer’s trust and security needs.
- Work closely with engineers, product managers, and legal/compliance partners to ensure security is woven into the software development lifecycle and organizational objectives remain aligned with secure design and delivery.
- Help shape our approach to securing AI initiatives, sharing knowledge and fostering technical capabilities for building secure, innovative AI systems.
Requirements
- 10+ years of experience in software development and information security, with a focus on identity, access, and applied cryptography.
- Proven experience in designing and implementing identity infrastructure and other foundational security services in a cloud-native environment.
- Expert knowledge of secure development, public cloud security, and network security.
- Deep understanding and practical implementation experience with Zero Trust principles, including identity-centric security, continuous verification, and least-privilege access across distributed environments.
- Experience designing and leading the execution of large-scale migrations, ensuring the safe, secure, and seamless transition of critical systems or data while minimizing customer impact.
- Demonstrated experience in securing artificial intelligence systems such as AI/ML workflows, training data, models, agents, and deployments, to mitigate emerging AI-specific threats.
- Comfortable with leveraging and championing AI development tools (such as GitHub Copilot, Claude, ChatGPT) to enhance productivity and code quality.
- Proven track record of mentoring and developing other security engineers, fostering technical growth and elevating security expertise across the org.
- Excellent communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences.
- A passion for staying current with the latest security trends and a commitment to continuous learning.
- Strong understanding of security, privacy, and compliance standards such as SOC 2, ISO 27001, NIST 800-53 and GDPR.
- Relevant industry certification (e.g., CISSP, CEH, Azure Cybersecurity Architect, AWS Speciality, etc.).
Qualifications
- 10+ years of experience in software development and information security, with a focus on identity, access, and applied cryptography.
- Proven experience in designing and implementing identity infrastructure and other foundational security services in a cloud-native environment.
- Expert knowledge of secure development, public cloud security, and network security.
- Deep understanding and practical implementation experience with Zero Trust principles, including identity-centric security, continuous verification, and least-privilege access across distributed environments.
- Experience designing and leading the execution of large-scale migrations, ensuring the safe, secure, and seamless transition of critical systems or data while minimizing customer impact.
- Demonstrated experience in securing artificial intelligence systems such as AI/ML workflows, training data, models, agents, and deployments, to mitigate emerging AI-specific threats.
- Comfortable with leveraging and championing AI development tools (such as GitHub Copilot, Claude, ChatGPT) to enhance productivity and code quality.
- Proven track record of mentoring and developing other security engineers, fostering technical growth and elevating security expertise across the org.
- Excellent communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences.
- A passion for staying current with the latest security trends and a commitment to continuous learning.
- Strong understanding of security, privacy, and compliance standards such as SOC 2, ISO 27001, NIST 800-53 and GDPR.
- Relevant industry certification (e.g., CISSP, CEH, Azure Cybersecurity Architect, AWS Speciality, etc.).
Pay & Benefits
The cash compensation below includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation, some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are tailored to your skills, experience, qualifications, and other job-related reasons. This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy.
Benefits are also an important piece of your total compensation package. Explore the benefits and perks HubSpot offers to help employees grow better.