Senior Manager, SOX Compliance
HubSpot•Boston, MA
7h
About The Position
HubSpot is seeking a Senior Manager, Security GRC to lead our Product SOX Compliance program. This role is responsible for ensuring new products and features launch in a compliant, audit-ready manner by embedding SOX considerations early in the product lifecycle and executing focused, high-risk control testing. You will lead a team responsible for pre-Go-Live compliance vetting, high-risk SOX control testing, and remediation partnership with Product and Engineering. This role is critical to shifting HubSpot’s SOX posture from reactive remediation to proactive assurance.
Requirements
- 10-15+ years of experience in SOX, IT Compliance, Security GRC, ideally in a public-company SaaS environment.
- Deep hands-on experience with SOX 404 control design, testing, issue management, and audit readiness.
- Proven experience supporting product and engineering organizations.
- Demonstrated people-management experience with the ability to deliver through teams.
- Strong judgment, communication, and cross-functional influence skills.
Nice To Haves
- Experience with product-focused SOX or technology-heavy environments.
- Familiarity with SOC 1/2, ISO 27001, ISO 42001 or NIST frameworks.
- Certifications such as CISA, CRISC, CISSP, or equivalent experience.
- Big 4 IT Auditing experience.
Responsibilities
- Lead Product SOX Readiness
- Own the SOX compliance onboarding and vetting process for new products, features, and major engineering changes.
- Review and assess control design prior to Go-Live, ensuring SOX risks are identified and addressed early.
- Partner closely with Product, Engineering, Finance, and Internal Audit to align on risk, controls, and launch readiness.
- Manage & Develop the GRC Team
- Lead and develop a team of GRC professionals focused on product compliance onboarding and control testing.
- Set priorities, operating rhythms, and quality standards across the program.
- Coach team members on risk-based judgment, stakeholder partnership, and execution excellence.
- High-Risk & Continuous Control Testing
- Oversee deep-dive testing of high-risk SOX controls, including access management, change management, and data integrity.
- Ensure testing is rigorous, repeatable, and defensible to internal and external auditors.
- Identify systemic control gaps and drive durable improvements.
- Remediation & Audit Partnership
- Partner with Product, Engineering, and Finance to drive timely remediation of control issues.
- Track issues through resolution and validate corrective actions.
- Serve as a key liaison for Internal and External Audit on product-related SOX matters.
- Program Maturity & Scale
- Define and track metrics for SOX readiness, control effectiveness, and remediation timelines.
- Partner with Security Automation and Engineering teams to reduce manual testing through automation and monitoring.
- Continuously evolve the program as HubSpot’s products and risk profile grow.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Manager
Education Level
No Education Listed
