HubSpot

Principal Compliance Analyst

HubSpot

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇺🇸 United States


Salary

💰 $123,800 - $198,100 per year

Job Level

Lead

Tech Stack

AWS, Azure, Cloud, Distributed Systems, Google Cloud Platform, SDLC

About the role

  • Define and evolve HubSpot’s compliance-by-design methodology, embedding regulatory and internal control requirements directly into engineering and product workflows.
  • Build scalable, repeatable control patterns and reference architectures that align with SOC 2, ISO, NIST, GDPR, SOX, and AI governance obligations.
  • Translate regulatory language into actionable technical requirements that engineers can adopt early in the design process.
  • Partner with the Security Compliance Automation and Monitoring team to design and implement automated evidence collection, continuous control monitoring, policy-as-code frameworks, and automated compliance validation in CI/CD.
  • Define the technical control properties that automation teams should monitor (e.g., logging configuration, encryption controls, IAM boundaries, data flows, change management).
  • Work with platform teams to build compliance logic into developer experience tooling, ensuring compliance checks happen before, during, and after service deployment.
  • Design the compliance onboarding lifecycle for new services, products, and internal platforms, clarifying required controls, evidence needs, and architectural expectations.
  • Build self-service documentation, templates, tooling, and workflows so engineering teams understand their compliance responsibilities without friction.
  • Identify patterns of operational toil and partner with engineering to redesign them into automated, low-lift solutions.
  • Partner with stakeholders in cross-functional teams like Engineering, Product, Legal, Finance, Internal Audit, and Enterprise Risk Management to align on responsibilities, processes, and evidence requirements.
  • Participate in architecture reviews, service readiness programs, and cross-organizational initiatives that introduce or modify compliance controls.
  • Establish metrics and KPIs for control adoption, automated evidence coverage, and compliance readiness.
  • Identify systemic gaps across services and platforms and develop long-term architectural solutions to reduce risk.

Requirements

  • 12–15+ years in compliance engineering, cloud governance, secure development, or risk architecture within a large-scale SaaS environment.
  • Deep knowledge of compliance standards such as SOX, SOC1, SOC 2, ISO 27001/27701, NIST 800-53, PCI, GDPR, and emerging AI governance frameworks such as ISO 42001.
  • Significant experience embedding compliance requirements into SDLC processes, CI/CD pipelines, cloud-native architectures, developer experience tooling, and microservice/service onboarding workflows.
  • Strong hands-on understanding of continuous compliance monitoring, automated evidence collection and storage, policy-as-code frameworks, cloud configuration monitoring, and event-driven or API-driven control validation.
  • Proven success collaborating with Security or Compliance Automation teams to operationalize controls at scale.
  • Ability to read, review, and critique architectural diagrams and service designs.
  • Familiarity with AWS/GCP/Azure security models, identity governance, data flows, and distributed systems.
  • Understanding of AI/ML governance and compliance needs (data lineage, model lifecycle controls, evaluation, provenance, auditability).

Benefits

  • The cash compensation includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles.
  • Eligible roles may participate in HubSpot’s equity plan to receive restricted stock units (RSUs).
  • Some roles may also be eligible for overtime pay.

Applicant Tracking System Keywords


Hard skills
compliance engineering, cloud governance, secure development, risk architecture, continuous compliance monitoring, automated evidence collection, policy-as-code frameworks, cloud configuration monitoring, microservice onboarding workflows, AI governance
Soft skills
collaboration, communication, problem-solving, critical thinking, stakeholder management, organizational skills, attention to detail, adaptability, leadership, process improvement
Certifications
ISO 27001, ISO 27701, SOC 1, SOC 2, NIST 800-53, PCI, ISO 42001