Principal Software Engineer, Security

Location: Remote - USA

Department: Engineering

About the Role

At HubSpot, we empower businesses to grow better through our industry-leading CRM platform and inbound marketing solutions. As a Principal Software Engineer, Security, you'll play a pivotal role in safeguarding our customers' data and trust, enabling millions to thrive in their growth journeys. In this leadership position within our Engineering team, you'll architect secure systems that scale with HubSpot's explosive growth, ensuring our multi-tenant SaaS environment remains resilient against evolving threats while aligning with our culture of transparency, innovation, and customer obsession. You'll lead security strategy for core products, collaborating with product, growth, and engineering teams to integrate security seamlessly into the development lifecycle. From threat modeling inbound marketing workflows to hardening CRM data pipelines, your work will directly impact how customers engage with HubSpot's ecosystem. Embrace our HEART framework to measure success not just in code, but in happy, thriving users, all while mentoring engineers in our ONE HubSpot culture of radical candor and shared wins. Join a team that's redefining go-to-market success in a flexible, growth-oriented environment. If you're passionate about security in SaaS, excited by inbound principles, and ready to contribute to a company that's as invested in your growth as its own, apply to shape the future of secure customer experiences at HubSpot.

Key Responsibilities

• Lead the design and implementation of security architecture for HubSpot's core CRM and inbound marketing platforms
• Drive security initiatives to protect customer data in a high-growth, multi-tenant environment
• Collaborate with engineering teams to embed security practices into the software development lifecycle
• Conduct threat modeling, risk assessments, and vulnerability management for HubSpot products
• Mentor and guide senior engineers on secure coding practices and security tooling
• Partner with product and growth teams to ensure security supports HubSpot's inbound methodology
• Develop and maintain security policies aligned with HubSpot's culture of transparency and innovation
• Respond to security incidents and lead post-mortem analyses to improve resilience
• Advocate for security within HubSpot's ONE team culture, fostering cross-functional alignment
• Stay ahead of emerging threats and integrate cutting-edge security technologies

Required Qualifications

• Bachelor's degree in Computer Science, Engineering, or related field, or equivalent practical experience
• 10+ years of software engineering experience, with at least 5 years focused on security engineering
• Deep expertise in designing and implementing secure systems at scale in cloud environments (AWS, GCP, or Azure)
• Proven track record of leading security initiatives in high-growth SaaS environments
• Strong understanding of security best practices for CRM platforms and inbound marketing tools
• Experience with compliance frameworks such as SOC 2, GDPR, and ISO 27001
• Ability to mentor senior engineers and collaborate cross-functionally in a fast-paced culture

Preferred Qualifications

• Experience securing CRM systems like HubSpot or Salesforce
• Advanced knowledge of inbound marketing security challenges and data privacy in marketing automation
• Contributions to open-source security projects or publications in the field
• Familiarity with HubSpot's HEART framework (Happy, Engaged, Adopted, Retained, Thriving)
• Previous leadership in security architecture for multi-tenant SaaS applications

Required Skills

• Expertise in secure software development (SDL)
• Proficiency in cloud security (IAM, encryption, networking)
• Strong knowledge of authentication/authorization (OAuth, SAML, JWT)
• Experience with security tools (SIEM, WAF, DAST/SAST)
• Deep understanding of web application security (OWASP Top 10)
• Programming in Go, Java, Python, or similar
• Container security (Docker, Kubernetes)
• Incident response and forensics
• Cross-functional collaboration
• Leadership and mentorship
• Threat modeling and risk analysis
• Compliance and audit experience
• Adaptability in fast-paced growth environments
• Communication of complex security concepts
• Problem-solving under pressure
• Familiarity with CRM data security

Benefits

• Unlimited PTO and flexible work-from-anywhere policy
• Comprehensive health, dental, and vision insurance
• 401(k) matching and employee stock purchase plan
• Professional development stipend and tuition reimbursement
• HubSpot Academy courses and certifications
• Parental leave and family-forming benefits
• Wellness programs including mental health support
• Quarterly stipends for home office setup and learning
• Vibrant culture events and volunteer time off

HubSpot is an equal opportunity employer.