Lead Compliance Analyst

About the Role

HubSpot is seeking a Lead Compliance Analyst to play a critical role in our Product SOX Compliance program. This role focuses on ensuring new products and features are designed, launched, and operated in a SOX-compliant manner by partnering closely with Product and Engineering teams.

You will be a senior individual contributor responsible for product compliance onboarding, high-risk control testing, and remediation support, helping shift SOX compliance from reactive audit response to proactive assurance.

This role is ideal for a seasoned SOX or GRC professional who enjoys working deeply with technical teams, exercising strong judgment, and owning complex compliance workstreams.

What You’ll Do

Product SOX Compliance Onboarding & Readiness

• Lead compliance onboarding for new products, features, and major engineering changes.
• Review control design and operational readiness prior to Go-Live.
• Partner with Product and Engineering teams to identify SOX-relevant risks and ensure appropriate controls are in place early.
• Provide clear, actionable guidance to teams on control expectations and evidence requirements.

High-Risk & Targeted Control Testing

• Execute deep-dive testing of high-risk SOX controls, including: user access and privilege management, change management, data integrity and financial reporting dependencies.
• Perform root-cause analysis when issues are identified.
• Document results clearly and defensibly for audit consumption.

Remediation Partnership & Issue Management

• Work directly with Engineering, Product, and Finance partners to support remediation of control gaps.
• Validate corrective actions and ensure issues are fully resolved.
• Track recurring issues and surface systemic risks to leadership.

Program Improvement & Scale

• Contribute to the evolution of product SOX onboarding frameworks, testing methodologies, and documentation standards.
• Identify opportunities to reduce manual effort through better design, standardization, or automation.
• Partner with Security Automation and Engineering teams to support programmatic compliance checks over time.

What We’re Looking For

Required

• 7-12+ years of experience in SOX, IT Compliance, or Security GRC, preferably in a SaaS or technology-driven environment.
• Strong hands-on experience with: SOX 404 control testing, control design and readiness assessments, issue remediation and audit support.
• Experience partnering with product and engineering teams on compliance matters.
• Ability to independently own complex compliance initiatives end-to-end.
• Strong written and verbal communication skills.

Preferred

• Experience with product-centric or platform-based SOX programs.
• Familiarity with SOC 1/2, ISO 27001, or NIST frameworks.
• Comfort working in fast-paced, evolving technical environments.
• Certifications such as CISA, CRISC, CISSP or equivalent experience.

Why HubSpot

At HubSpot, security is a core value. You’ll help protect the financial integrity and operational stability of a platform used by millions of organizations while enabling teams to innovate and move fast with confidence. If you are inspired by the challenge of securing millions of organizations in their quest to “Grow Better”, this is your opportunity!

HubSpot (NYSE: HUBS) is an AI-powered customer platform with all the software, integrations, and resources customers need to connect marketing, sales, and service. HubSpot's connected platform enables businesses to grow faster by focusing on what matters most: customers.

Key skills/competency

• SOX Compliance
• GRC (Governance, Risk, and Compliance)
• Product Compliance
• IT Controls
• Change Management
• User Access Management
• Data Integrity
• Risk Management
• Audit Support
• SaaS Environment