About The Position

In the Principal Detection Engineering role, you will be responsible for the full lifecycle of threat detection. You will build use cases and write detection logic on a variety of security platforms to detect malicious activity across the attack stages. You will build attack simulation scenarios, reproduce attack scenarios, and test the effectiveness of new detection logic. You will also partner with engineering teams to develop technology that enables this work, and collaborate closely with the incident response team to improve the reliability and quality of alerts. Your technical skills, collaboration and teamwork will help ensure that our detection system works well to secure HubSpot and its customers. If you want to solve interesting, unique and complex challenges in the threat detection arena, this is the role for you. As a Principal Security Engineer, you will take complete ownership of the threat detection engineering program and be responsible for delivering all research and features necessary to achieve our team’s goals in that area. You will also have the opportunity to lead broad initiatives that go beyond your own work.

Requirements

  • Experience building / maturing a detection engineering program
  • Hands-on security operations experience working within a modern zero trust oriented cloud / SaaS-heavy environment
  • Strong understanding of incident response best practices with practical experience responding to moderate to complex security incidents
  • Experience identifying / building new detection use cases
  • Ability to collect / analyze large sets of structured / unstructured data from disparate sources
  • Solid experience using SIEM tools (Splunk) for security investigations
  • Experience using various security tools (EDR, SASE, IdP, etc.) to assist with an investigation
  • Strong networking and systems knowledge with a good understanding of macOS, Windows and Linux
  • Experience working collaboratively to define and implement security policies, procedures, and controls
  • Experience providing internal security consultancy / advice to other teams within the company
  • Experience using code (Python / Powershell) to solve problems, facilitate easier data analysis, and to automate security tasks
  • Acutely aware of industry security trends, advisories, news, and general research

Nice To Haves

  • Deep knowledge of macOS, Windows and Linux and practical experience securing such systems
  • Experience in detection engineering processes / behaviors
  • Experience monitoring / securing AWS, GCP, or Azure cloud environments
  • Experience with SOAR platforms
  • Experience using automation tools / frameworks / applications
  • Planning, coordinating, and / or executing security assessments of networks, systems, applications, and cloud platforms

Responsibilities

  • Build a threat detection engineering program (full lifecycle)
  • Build attack simulation scenarios, detection use cases & test their effectiveness
  • Leverage an automation-first mindset to work smarter and more efficiently
  • Help respond when needed to critical security incidents
  • Consult stakeholders on security-related subjects ranging from general OpSec to infrastructure architecture

What This Job Offers

Job Type

Full-time

Career Level

Principal

Education Level

No Education Listed

Number of Employees

5,001-10,000 employees
