Job Description:
• Be an Active Player-Coach & Lead the Team
• Direct People Management: Lead, develop, and mentor a talented sub-team of GRC professionals.
• Hands-on Execution (IC Work): Actively lead by example.
• Stabilization & Backlog Burnout: Guide and support the team through its immediate operational maturity phases.
• Operationalize the Compliance "Front Door"
• Shift Compliance Left: Manage and scale our centralized compliance onboarding intake process.
• Minimize Friction: Maintain predictable, frictionless compliance paths for engineering stakeholders.
• Drive High-Risk Control Testing & Continuous Assurance
• Execute Deep-Dive Testing: Personally lead and oversee rigorous internal testing of HubSpot’s highest-risk controls.
• Continuous Monitoring Telemetry: Partner to design and build automated dashboards.
• Foster Collaborative Partnerships & Seamless Hand-offs: Lead proactive reviews to validate control design.
Requirements:
• Demonstrated experience in Security GRC, IT Compliance, or IT Audit, ideally within a fast-paced, public SaaS environment.
• Hands-On Player-Coach Leadership: Experience managing, mentoring, or leading GRC professionals, combined with a strong desire and demonstrated ability to execute as an individual contributor.
• Deep Control Expertise: Strong understanding of SOX 404 control design, risk-based scoping, testing, and proactive issue management within modern engineering environments (AWS, microservices, CI/CD pipelines).
• First-Principles Architect Mindset: You look at compliance as a systems-engineering challenge, not a checklist.
• Exceptional Communication & HubSpot Culture Fit: You are empathetic, remarkably clear, and direct.
Benefits:
• Health insurance
• Flexible work arrangements
• Professional development opportunities