HubSpot

HubSpot provides a comprehensive cloud-based CRM platform that integrates marketing, sales, service, and operations tools to help businesses attract, engage, and delight customers effectively.

Media
5K-10K
Founded 2006

Description

  • Own and build a full-lifecycle threat detection engineering program, including research, development, and delivery of detection capabilities.
  • Design and implement detection use cases and write detection logic across a variety of security platforms.
  • Create, run, and validate attack simulation scenarios and reproduce real-world attacks to test detection effectiveness.
  • Collaborate with incident response to improve alert reliability, assist during critical security incidents, and refine response workflows.
  • Partner with engineering teams to develop tooling and automation that enable detection engineering and investigation work.
  • Leverage an automation-first mindset to streamline detection development, testing, and operational tasks.
  • Collect, aggregate, and analyze large sets of structured and unstructured data from disparate sources to support detection and investigations.
  • Use SIEM and other security tools to perform investigations and tune detections to reduce false positives.
  • Consult with stakeholders on operational security, infrastructure architecture, and security policies to influence company-wide controls and practices.

Requirements

  • 10+ years of security experience (ideal) with hands-on security operations in modern zero-trust, cloud/SaaS-heavy environments.
  • Proven experience building or maturing a detection engineering program and identifying/building new detection use cases.
  • Practical incident response experience and strong understanding of incident response best practices, including responding to moderate-to-complex incidents.
  • Ability to collect and analyze large sets of structured and unstructured data from disparate sources for detection and investigations.
  • Solid experience using SIEM tools (e.g., Splunk) for security investigations and tuning detections.
  • Experience with a range of security tools (EDR, SASE, IDP, etc.) to support investigations.
  • Strong networking and systems knowledge with practical experience across macOS, Windows, and Linux.
  • Experience using code (Python, PowerShell) to automate tasks, facilitate data analysis, and build detection tooling.
  • Experience monitoring and securing cloud environments (AWS, GCP, or Azure) and familiarity with SOAR platforms and automation frameworks.
  • Experience defining and implementing security policies, procedures, controls, and providing internal security consultancy; familiarity with planning/executing security assessments and staying current with industry threats and advisories.

Benefits

  • Annual cash compensation range: $188,500 — $301,600 USD.
  • Eligibility to participate in HubSpot’s equity plan (restricted stock units) for some roles.
  • On-target bonus/commission targets and potential overtime pay where applicable; individual packages tailored to skills and experience.
  • Comprehensive benefits and perks (see HubSpot benefits and perks page) to support employee growth and wellbeing.
  • Flexible/remote-first work environment with regional in-person onboarding for Engineering hires and periodic in-person Product events.
  • Accommodation support for candidates and employees who need adjustments during the hiring process or onboarding.
