Senior Manager, SOX Compliance

About The Position

Requirements

• 10-15+ years of experience in SOX, IT Compliance, Security GRC, ideally in a public-company SaaS environment.
• Deep hands-on experience with SOX 404 control design, testing, issue management, and audit readiness.
• Proven experience supporting product and engineering organizations.
• Demonstrated people-management experience with the ability to deliver through teams.
• Strong judgment, communication, and cross-functional influence skills.

Nice To Haves

• Experience with product-focused SOX or technology-heavy environments.
• Familiarity with SOC 1/2, ISO 27001, ISO 42001 or NIST frameworks.
• Certifications such as CISA, CRISC, CISSP, or equivalent experience.
• Big 4 IT Auditing experience.

Responsibilities

• Lead Product SOX Readiness
• Own the SOX compliance onboarding and vetting process for new products, features, and major engineering changes.
• Review and assess control design prior to Go-Live, ensuring SOX risks are identified and addressed early.
• Partner closely with Product, Engineering, Finance, and Internal Audit to align on risk, controls, and launch readiness.
• Manage & Develop the GRC Team
• Lead and develop a team of GRC professionals focused on product compliance onboarding and control testing.
• Set priorities, operating rhythms, and quality standards across the program.
• Coach team members on risk-based judgment, stakeholder partnership, and execution excellence.
• High-Risk & Continuous Control Testing
• Oversee deep-dive testing of high-risk SOX controls, including access management, change management, and data integrity.
• Ensure testing is rigorous, repeatable, and defensible to internal and external auditors.
• Identify systemic control gaps and drive durable improvements.
• Remediation & Audit Partnership
• Partner with Product, Engineering, and Finance to drive timely remediation of control issues.
• Track issues through resolution and validate corrective actions.
• Serve as a key liaison for Internal and External Audit on product-related SOX matters.
• Program Maturity & Scale
• Define and track metrics for SOX readiness, control effectiveness, and remediation timelines.
• Partner with Security Automation and Engineering teams to reduce manual testing through automation and monitoring.
• Continuously evolve the program as HubSpot’s products and risk profile grow.

Benefits

• The cash compensation below includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles.
• In addition to cash compensation, some roles are eligible to participate in HubSpot’s equity plan to receive restricted stock units (RSUs).
• Some roles may also be eligible for overtime pay.
• Benefits are also an important piece of your total compensation package.
• Explore the benefits and perks HubSpot offers to help employees grow better.