HubSpot is seeking a Principal IT Compliance Analyst to define and scale the internal compliance frameworks, engineering processes, and automated control patterns that enable HubSpot’s product teams to build and ship compliant-by-design and secure-by-design solutions.

This role is critical to ensuring that compliance is embedded into HubSpot’s software development lifecycle, developer tooling, and platform architecture making it seamless for engineering teams to understand and meet compliance requirements.

You will serve as a technical thought leader for compliance process design, control architecture, and automation strategy. You will partner closely with Engineering, Security Compliance Automation, Monitoring, Privacy, Legal, and GRC to transform compliance from a manual, audit-driven effort into a continuous, automated program anchored in engineering excellence.

At Hubspot, Security is a core value, and you will play a key role in ensuring our platform stays resilient against emerging threats and our security practices are world-class. If you are inspired by the challenge of securing millions of organizations in their quest to “Grow Better”, this is your opportunity!

Key Expectations

Architect Compliance-by-Design & Secure-by-Design Frameworks

Define and evolve HubSpot’s compliance-by-design methodology, embedding regulatory and internal control requirements directly into engineering and product workflows.
Build scalable, repeatable control patterns and reference architectures that align with SOC 2, ISO, NIST, GDPR, SOX, and AI governance obligations.
Translate regulatory language into actionable technical requirements that engineers can adopt early in the design process.

Partner Closely With Compliance Automation & Monitoring Teams

Partner with Security Compliance Automation and Monitoring team to design and implement:

automated evidence collection
continuous control monitoring
policy-as-code frameworks
automated compliance validation in CI/CD

Define the technical control properties that automation teams should monitor (e.g., logging configuration, encryption controls, IAM boundaries, data flows, change management).
Work with platform teams to build compliance logic into developer experience tooling, ensuring compliance checks happen before, during, and after service deployment.

Compliance Onboarding & Developer Enablement

Design the compliance onboarding lifecycle for new services, products, and internal platforms; clarifying required controls, evidence needs, and architectural expectations.
Build self-service documentation, templates, tooling, and workflows so engineering teams understand their compliance responsibilities without friction.
Identify patterns of operational toil and partner with engineering to redesign them into automated, low-lift solutions.

Cross-Functional Leadership

Partner with stakeholders in cross-functional teams like Engineering, Product, Legal, Finance, Internal Audit, and Enterprise Risk Management (amongst others) to align on responsibilities, processes, and evidence requirements.
Participate in architecture reviews, service readiness programs, and cross-organizational initiatives that introduce or modify compliance controls.
Advocate for design decisions that reduce compliance risk while enabling rapid innovation.

Drive Continuous Improvement in Compliance Maturity

Establish metrics and KPIs for control adoption, automated evidence coverage, and compliance readiness.
Identify systemic gaps across services and platforms and develop long-term architectural solutions to reduce risk.
Remain hands-on and curious while investigating complex technical environments, validating controls, and testing compliance logic.
Champion AI-assisted engineering tools to increase efficiency across compliance and evidence workflows.

Domain Expertise

We are looking for a compliance architect with the following qualifications:

Core Experience

12–15+ years in compliance engineering, cloud governance, secure development, or risk architecture within a large-scale SaaS environment.
Deep knowledge of compliance standards such as SOX, SOC1, SOC 2, ISO 27001/27701, NIST 800-53, PCI, GDPR, and emerging AI governance frameworks such as ISO 42001.
Significant experience embedding compliance requirements into:

SDLC processes
CI/CD pipelines
cloud-native architectures
developer experience tooling
microservice/service onboarding workflows

Automation & Monitoring

Strong hands-on understanding of:

continuous compliance monitoring
automated evidence collection and storage
policy-as-code frameworks
cloud configuration monitoring (e.g., IAM, logging, network boundaries)
event-driven or API-driven control validation

Proven success collaborating with Security or Compliance Automation teams to operationalize controls at scale.

Technical Competencies

Ability to read, review, and critique architectural diagrams and service designs.
Familiarity with AWS/GCP/Azure security models, identity governance, data flows, and distributed systems.
Understanding of AI/ML governance and compliance needs (data lineage, model lifecycle controls, evaluation, provenance, auditability).

Communication & Influence

Exceptional ability to explain compliance requirements to engineers and technical constraints to compliance teams.
Proven ability to build cross-functional alignment and influence decision-making at senior levels.
Experience mentoring engineers, compliance professionals, and product teams.

Preferred Certifications

CISA, CRISC, CISSP, CCSP, CIPT, ISO 27001 Lead Implementer/Auditor, or similar credentials.

Growing in This Role

As a Principal Compliance Analyst, you will increase your scope and impact by:

Shaping HubSpot’s next-generation automated compliance platform in partnership with automation and monitoring teams.
Reducing friction across the organization by replacing manual audit processes with highly reliable automated controls.
Influencing the strategic direction of compliance maturity and engineering governance across HubSpot.
Evolving HubSpot’s internal processes to meet new global requirements, including AI governance frameworks and regional compliance expansions.
Becoming a key technical advisor for internal reviews, platform evolution, and large-scale regulatory readiness initiatives.

Pay & Benefits

The cash compensation below includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles. In addition to cash compensation, some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are tailored to your skills, experience, qualifications, and other job-related reasons.

This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot’s compensation philosophy.

Benefits are also an important piece of your total compensation package. Explore the benefits and perks HubSpot offers to help employees grow better.

At HubSpot, fair compensation practices aren’t just about checking off the box for legal compliance. It’s about living out our value of transparency with our employees, candidates, and community.

Annual Cash Compensation Range:

$123,800—$198,100 USD

We know the confidence gap and impostor syndrome can get in the way of meeting spectacular candidates, so please don’t hesitate to apply — we’d love to hear from you.

If you need accommodations or assistance due to a disability, please reach out to us using this form.

At HubSpot, we value both flexibility and connection. Whether you’re a Remote employee or work from the Office, we want you to start your journey here by building strong connections with your team and peers. If you are joining our Engineering team, you will be required to attend a regional HubSpot office for in-person onboarding. If you join our broader Product team, you’ll also attend other in-person events, such as your Product Group Summit and other gatherings, to continue building on those connections.

If you require an accommodation due to travel limitations or other reasons, please inform your recruiter during the hiring process. We are committed to supporting candidates who may need alternative arrangements

Massachusetts Applicants: It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Germany Applicants: (m/f/d) - link to HubSpot's Career Diversity page here.

India Applicants: link to HubSpot India's equal opportunity policy here.

About HubSpot

HubSpot (NYSE: HUBS) is an AI-powered customer platform with all the software, integrations, and resources customers need to connect marketing, sales, and service. HubSpot's connected platform enables businesses to grow faster by focusing on what matters most: customers.

At HubSpot, bold is our baseline. Our employees around the globe move fast, stay customer-obsessed, and win together. Our culture is grounded in four commitments: Solve for the Customer, Be Bold, Learn Fast, Align, Adapt & Go!, and Deliver with HEART. These commitments shape how we work, lead, and grow.

We’re building a company where people can do their best work. We focus on brilliant work, not badge swipes. By combining clarity, ownership, and trust, we create space for big thinking and meaningful progress. And we know that when our employees grow, our customers do too.

Recognized globally for our award-winning culture by Comparably, Glassdoor, Fortune, and more, HubSpot is headquartered in Cambridge, MA, with employees and offices around the world.

Explore more:

HubSpot may use AI to help screen or assess candidates, but all hiring decisions are always human. More information can be found here. By submitting your application, you agree that HubSpot may collect your personal data for recruiting, global organization planning, and related purposes. Refer to HubSpot's Recruiting Privacy Notice for details on data processing and your rights.

Principal Compliance Analyst

AI overview