Principal Software Engineer, Security

POS-2643

---

At HubSpot, security isn’t a checkbox—it’s fundamental to how we design, build, and operate our products. We’re looking for a Principal Software Engineer, Security to help define and deliver secure systems at scale: someone who writes production code, shapes architecture, and raises the bar on how security is engineered across HubSpot’s platform.

In this role, you’ll play a leading part in advancing HubSpot’s overall security posture, partnering across Product and Corporate Security to design and implement pragmatic, scalable security solutions. You’ll be a hands-on technical leader who moves comfortably between high-level strategy and deep hands-on production software development, enabling millions of customers to “Grow Better” with confidence.

If you’re motivated by protecting a large, distributed SaaS platform from emerging threats while empowering product teams to move quickly and safely, we’d love to talk.

About the team

HubSpot’s Security organization is responsible for security, privacy, and compliance across our cloud-based infrastructure and product surface area. Our mission is to provide world‑class secure platforms and guardrails that make the safest path also the easiest one for our engineers and customers.

You’ll work closely with Product, Infrastructure, Operations and Corporate Security to build defense‑in‑depth: from secure-by-default platform capabilities to resilient incident response and data protection, to a robust security program for emerging areas like AI.

Responsibilities

As a Principal Software Engineer, Security, you will:

• Lead the design and implementation of secure, scalable foundations (services, libraries, patterns, and platforms)  developing the software that other HubSpot teams build on, raising the default level of security across the company with an easy-to-use paved path.
• Act as a trusted technical leader within your org, driving the development and improvement of secure software systems and influencing architectural decisions with a security mindset.
• Partner deeply with engineering and security teams (Product, Infra, Detection & Response, Compliance, etc.) to deliver practical, hands‑on solutions that mitigate real risks without sacrificing developer velocity.
• Translate organizational priorities into concrete security outcomes by defining technical direction, setting guardrails, and aligning roadmaps so that security is baked into the SDLC by default.
• Contribute production code and conduct deep design and code reviews, especially for high‑risk or foundational components, championing secure development practices and simplicity.
• Identify and assess security risks across multiple domains (application security, infrastructure, data security, detection, identity, and more), then design and drive implementation of controls and mitigations.
• Lead or play a key role in security incidents and CritSits: helping investigate, contain, and remediate issues; driving root‑cause analysis; and turning learnings into durable improvements in our systems, tooling, and processes.
• Serve as a point of contact and subject‑matter expert for security in your area, ensuring HubSpot’s products meet internal guardrails and external customer trust, compliance, and regulatory expectations.
• Help shape our approach to securing AI and emerging technologies, building and advocating for patterns that keep data and systems safe while enabling rapid innovation.
• Mentor and uplevel other engineers: sharing context, shaping designs, modeling great technical judgment, and contributing to the growth of security expertise across Product and Security teams.

Key Expectations

We’re looking for a hands‑on security engineer and technical leader with:

• 14+ years of experience in software development and information security building and operating production systems, with depth in at least one major security domain (e.g., application/product security, data security, infrastructure/cloud security, detection & response, or identity & access management).
• Proven experience de