Manager, Security GRC - Compliance Onboarding & Readiness
Location: United States - Remote, Flex, or Office

About the Role
HubSpot is seeking a Manager, Security GRC on our Compliance Onboarding & Readiness team. This role is a critical part of how HubSpot approaches trust, security, and governance. Instead of focusing on reactive audit defense, our team acts as a proactive design and engineering partner. We shift compliance engineering "left" to ensure our rapidly expanding product surface, including usage-based billing systems, advanced AI capabilities, and scaling infrastructure, is fundamentally secure by design and audit-ready.
This is a hands-on, "player-coach" role. Reporting directly to the Senior Manager, you will lead and mentor a dedicated team of GRC professionals, while also acting as a high-impact individual contributor (IC). You are someone who loves to get into the weeds: executing proactive control designs, performing technical walkthroughs, mapping controls to complex cloud environments, and directly authoring robust control documentation alongside your team.
You will drive the day-to-day operationalization of our High-Risk Control Testing and Compliance Onboarding charters, moving HubSpot away from point-in-time evidence gathering and toward continuous compliance automated by telemetry.
What You'll Do

Be an Active Player-Coach & Lead the Team
- Direct People Management: Lead, develop, and mentor a talented sub-team of GRC professionals. Evolve their capabilities in risk-based judgment and technical engineering partnership.
- Hands-on Execution (IC Work): Actively lead by example. You will personally conduct high-impact control walkthroughs, draft complex process narratives, design baseline control mappings for new architectures, and directly test our most critical systems.
- Stabilization & Backlog Burndown: Guide and support the team through its immediate operational maturity phases, and partner cross-functionally to systematically burn down the legacy issues backlog.
Operationalize the Compliance "Front Door"
- Shift Compliance Left: Manage and scale our centralized compliance onboarding intake process. Partner early with Product, Engineering, and FinOps during the design and architecture stages (pre-coding) to embed security and compliance controls before production release.
- Minimize Friction: Maintain predictable, frictionless compliance paths for engineering stakeholders so compliance acts as an operational accelerator rather than a bottleneck.
Drive High-Risk Control Testing & Continuous Assurance
- Execute Deep-Dive Testing: Personally lead and oversee rigorous internal testing of HubSpot's highest-risk controls, prioritizing Identity and Access Management (IAM), privileged access, data protection, change management, and AI governance.
- Continuous Monitoring Telemetry: Partner to design and build automated dashboards, transitioning the team's evidence collection from manual spreadsheets to continuous data streams.
- Define Early-Warning Signals: Build out and monitor key control health indicators (KPIs/KRIs) to identify and remediate control degradation long before audit windows open.
Foster Collaborative Partnerships & Seamless Hand-offs
- Proactive Pre-Audit Alignment: Lead proactive reviews to validate control design, helping system owners address gaps collaboratively before audit cycles begin.
- Frictionless Partner Handoffs: Partner deeply with our Compliance Audit Execution team to transition ready, thoroughly vetted control packages for external testing, replacing traditional siloed boundaries with smooth, cooperative handoffs.
- Shared Posture Insights: Actively feed readiness metrics and testing signals into the broader Security Governance and Risk ecosystem to build a unified, transparent view of security health across HubSpot.
What We're Looking For

Required Experience & Technical Rigor
- Demonstrated experience in Security GRC, IT Compliance, or IT Audit, ideally within a fast-paced, public SaaS environment.
- Hands-On Player-Coach Leadership: Experience managing, mentoring, or leading GRC professionals, combined with a strong desire and demonstrated ability to execute as an individual contributor. You must love rolling up your sleeves to build.
- Deep Control Expertise: Strong understanding of SOX 404 control design, risk-based scoping, testing, and proactive issue management within modern engineering environments (AWS, microservices, CI/CD pipelines).
- First-Principles Architect Mindset: You look at compliance as a systems-engineering challenge, not a checklist. You have experience implementing controls that are automated, scalable, and lightweight for developers.
- Exceptional Communication & HubSpot Culture Fit: You are empathetic, remarkably clear, and direct. You can explain complex regulatory "whys" to engineering leaders.
Preferred Experience
- Familiarity with emerging technology frameworks, specifically AI governance structures (such as ISO 42001) alongside traditional frameworks (SOC 1/2, ISO 27001, NIST).
- Experience supporting product transitions to usage-based billing or microservices-based financial data pipelines.
- Professional certifications such as CISA, CRISC, CISSP, or equivalent experience.
Pay & Benefits
The cash compensation below includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot's bonus plan for eligible roles. In addition to cash compensation, some roles are eligible to participate in HubSpot's equity plan to receive restricted stock units (RSUs). Some roles may also be eligible for overtime pay. Individual compensation packages are tailored to your skills, experience, qualifications, and other job-related reasons.
This resource will help guide how we recommend thinking about the range you see. Learn more about HubSpot's compensation philosophy.
Benefits are also an important piece of your total compensation package. Explore the benefits and perks HubSpot offers to help employees grow better.
At HubSpot, fair compensation practices aren't just about checking off the box for legal compliance. It's about living out our value of transparency with our employees, candidates, and community.
Annual Cash Compensation Range:
$146,200-$233,900 USD
We know the confidence gap and impostor syndrome can get in the way of meeting spectacular candidates, so please don't hesitate to apply - we'd love to hear from you.
If you need accommodations or assistance due to a disability, please reach out to us using this form.

At HubSpot, we value both flexibility and connection. Whether you're a Remote employee or work from the Office, we want you to start your journey here by building strong connections with your team and peers. If you are joining our Engineering team, you will be required to attend a regional HubSpot office for in-person onboarding. If you join our broader Product team, you'll also attend other in-person events, such as your Product Group Summit and other gatherings, to continue building on those connections.
If you require an accommodation due to travel limitations or other reasons, please inform your recruiter during the hiring process. We are committed to supporting candidates who may need alternative arrangements.