Lead Compliance Analyst
About the role
HubSpot is seeking a Lead Compliance Analyst to play a critical role in maintaining and scaling our Security Compliance program. This role focuses on ensuring internal controls and processes can grow alongside our Product and evolve to meet the rapidly changing risk landscape posed by agentic AI. You will be a senior individual contributor responsible for maintaining existing compliance requirements, including SOX, SOC 1, SOC 2, HIPAA, and PCI, while scaling our control environment to reduce manual effort, provide stronger assurance, and meet future compliance demands. This role is ideal for a seasoned GRC professional who enjoys partnering deeply with technical teams, exercising strong judgment, and owning complex compliance workstreams end-to-end.
Responsibilities
- Audit Execution and Onboarding
  - Oversee the third-party audit execution lifecycle, including evidence gathering, walkthroughs, and stakeholder management
  - Lead compliance onboarding for new products, features, and major engineering changes
  - Review control design and operational readiness prior to go-live
  - Provide clear, actionable guidance to teams on control expectations and evidence requirements
  - Lead implementation for new and evolving compliance obligations
- Remediation Partnership and Issue Management
  - Work directly with Engineering, Product, and Finance partners to support remediation of control gaps
  - Validate corrective actions and ensure issues are fully resolved
  - Track recurring issues and surface systemic risks to leadership
- Control Improvement and Scale
  - Identify opportunities to reduce manual effort through better design, standardization, and automation
  - Partner with Security Automation and Engineering teams to support programmatic compliance checks over time
Requirements
- Required
  - Extensive demonstrated experience in IT Compliance or Security GRC, preferably in a SaaS or technology-driven environment
  - Strong hands-on experience with:
    - SOC 1 / SOC 2 or ISO 27001
    - Control automation or GRC engineering
    - Control design and readiness assessments
    - Issue remediation and audit support
  - Familiarity with:
    - SOX 404
    - HIPAA and/or PCI
    - ISO 42001, NIST AI RMF, AIUC-1, or other AI and agentic control frameworks
  - Experience partnering with Product and Engineering teams on compliance matters
  - Ability to independently own complex compliance initiatives end-to-end
  - Strong written and verbal communication skills
- Preferred
  - Comfort working in fast-paced, evolving technical environments
  - Certifications such as CISA, CRISC, CISSP, or equivalent preferred
- Why HubSpot
- Pay & Benefits
- This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot's compensation philosophy.
- Benefits are also an important piece of your total compensation package. Explore the benefits and perks HubSpot offers to help employees grow better.
- At HubSpot, fair compensation practices aren't just about checking off the box for legal compliance. It's about living out our value of transparency with our employees, candidates, and community.
- Annual Cash Compensation Range:
- $112,700 - $180,300 USD
- We know the confidence gap and impostor syndrome can get in the way of meeting spectacular candidates, so please don't hesitate to apply - we'd love to hear from you.
- If you need accommodations or assistance due to a disability, please reach out to us using this form.
- If you require an accommodation due to travel limitations or other reasons, please inform your recruiter during the hiring process. We are committed to supporting candidates who may ne
Additional Information
POS-15422 Lead Compliance Analyst