The Product Security and Privacy team is responsible for driving security and privacy across all of the product teams within HubSpot. This is a new area of focus for product at HubSpot and the team is growing. The Product Security and Privacy team will be creating and updating the standards for secure development and privacy by design at HubSpot. This includes developing tools and monitoring that make it easy to implement these standards, put the customer first, and use good judgement around security and privacy issues.
We'll be educating other developers on their responsibilities, best practices, and why security and privacy matter to our customers. We'll be ensuring HubSpot can easily identify and protect all personal data. We will move forward through a combination of systems and policies, tools and automation, monitoring and testing. The team will also help respond to incidents relating to security and privacy and have operational responsibility for the systems we create.
You'll have the opportunity to work cross collaboratively with front- and back-end development teams, Legal, IT Security and Compliance, and Business Systems to ensure that together we have the right coverage across myriad security and privacy areas.
What We're Looking For
We need a wide range of skill sets on the Product Security and Privacy team, and know we're not going to get everything in one person. We believe in bringing in people with diverse backgrounds and providing both formal training and on-the-job cross-training within the teams. So if you're a developer with an interest in privacy and/or security, or a pen tester, security analyst or engineer with a desire to improve your coding skills, come join us!
Our ideal candidate will have some mix of the following skills (this is our wish list not a must have list):
* Secure Development/SDLC
* Privacy Engineering
* Red Team testing/pentesting
* DevOpsSec/security automation
* Java, Python, Bash
* Pipeline Security Testing
* Secure Secrets Management, Vault, Secret Server
* OAuth, SCIM
* AWS, IAM, Security Groups
* Burp suite, ZAP, Metasploit,
* BDD security, Gauntlt, Mittn
* SonarQube, Findbugs, Appscan, Coverity
* System Hardening/Security configuration
* OpenSCAP, CIS-CAT
* Puppet and other Configuration Management tools
* Pipeline Testing
* Vulnerability Management
* Risk Analysis
* Data Science/Machine Learning
* Statistical Analysis
Confidence can sometimes hold us back from applying for a job. But we'll let you in on a secret: there's no such thing as the 'perfect' candidate. HubSpot is a place where everyone can grow. So however you identify and whatever background you bring with you, please apply if this is a role that would make you excited to come into work every day.
HubSpot helps millions of organizations grow better, and we'd love to grow better with you. Our business builds the software and systems that power the world's small to medium-sized businesses. Our company culture builds connections, careers, and employee growth. How? By creating a workplace that values flexibility, autonomy, and transparency. If that sounds like something you'd like to be part of, we'd love to hear from you.
You can find out more about our company culture in the HubSpot Culture Code, which has more than 3M views, and learn about our commitment to creating a diverse and inclusive workplace, too. Thanks to the work of every HubSpotter globally who has helped build our remarkable culture, HubSpot has been named a top workplace by Glassdoor, Fortune, Entrepreneur, and more.
HubSpot was founded in 2006. We're headquartered in Cambridge, Massachusetts, and we have offices in Dublin (Ireland), Sydney (Australia), New Hampshire, Singapore, Tokyo (Japan), Berlin (Germany), and Bogotá (Colombia).
HubSpot is a company that develops a cloud-based marketing and sales software platform.