Principal Compliance Analyst
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Principal Compliance Analyst defining and scaling compliance frameworks at HubSpot. Collaborating with engineering and security teams to embed compliance requirements into engineering workflows.
Responsibilities:
- Define and evolve HubSpot’s compliance-by-design methodology, embedding regulatory and internal control requirements directly into engineering and product workflows.
- Build scalable, repeatable control patterns and reference architectures that align with SOC 2, ISO, NIST, GDPR, SOX, and AI governance obligations.
- Translate regulatory language into actionable technical requirements that engineers can adopt early in the design process.
- Partner with Security Compliance Automation and Monitoring team to design and implement automated evidence collection, continuous control monitoring, policy-as-code frameworks, and automated compliance validation in CI/CD.
- Define the technical control properties that automation teams should monitor (e.g., logging configuration, encryption controls, IAM boundaries, data flows, change management).
- Work with platform teams to build compliance logic into developer experience tooling, ensuring compliance checks happen before, during, and after service deployment.
- Design the compliance onboarding lifecycle for new services, products, and internal platforms; clarifying required controls, evidence needs, and architectural expectations.
- Build self-service documentation, templates, tooling, and workflows so engineering teams understand their compliance responsibilities without friction.
- Identify patterns of operational toil and partner with engineering to redesign them into automated, low-lift solutions.
- Partner with stakeholders in cross-functional teams like Engineering, Product, Legal, Finance, Internal Audit, and Enterprise Risk Management to align on responsibilities, processes, and evidence requirements.
- Participate in architecture reviews, service readiness programs, and cross-organizational initiatives that introduce or modify compliance controls.
- Establish metrics and KPIs for control adoption, automated evidence coverage, and compliance readiness.
- Identify systemic gaps across services and platforms and develop long-term architectural solutions to reduce risk.
Requirements:
- 12–15+ years in compliance engineering, cloud governance, secure development, or risk architecture within a large-scale SaaS environment.
- Deep knowledge of compliance standards such as SOX, SOC1, SOC 2, ISO 27001/27701, NIST 800-53, PCI, GDPR, and emerging AI governance frameworks such as ISO 42001.
- Significant experience embedding compliance requirements into SDLC processes, CI/CD pipelines, cloud-native architectures, developer experience tooling, and microservice/service onboarding workflows.
- Strong hands-on understanding of continuous compliance monitoring, automated evidence collection and storage, policy-as-code frameworks, cloud configuration monitoring, event-driven or API-driven control validation.
- Proven success collaborating with Security or Compliance Automation teams to operationalize controls at scale.
- Ability to read, review, and critique architectural diagrams and service designs.
- Familiarity with AWS/GCP/Azure security models, identity governance, data flows, and distributed systems.
- Understanding of AI/ML governance and compliance needs (data lineage, model lifecycle controls, evaluation, provenance, auditability).
Benefits:
- The cash compensation includes base salary, on-target commission for employees in eligible roles, and annual bonus targets under HubSpot’s bonus plan for eligible roles.
- Eligible roles may participate in HubSpot’s equity plan to receive restricted stock units (RSUs).
- Some roles may also be eligible for overtime pay.
Similar Jobs
Compliance Internship
Compliance Intern at VSP Vision assisting with compliance and privacy activities. Gain practical experience in auditing, regulatory analysis, and more.
Compliance & QC Specialist
Compliance & QC Specialist working with a focused compliance team in a residential mortgage banker. Handling QC, licensing operations, and advertising compliance reviews.
Principal GRC Engineer
Principal GRC Engineer leading compliance and risk management initiatives at Outseer. Collaborating with teams to implement strategy and ensure adherence to regulations and standards.
Regulatory Advisor – Food & Non-Food
Regulatory Advisor ensuring compliance of product information with legislation for food and non-food sectors. Providing risk-based advice and supporting product launches in a fully remote position.
Director, Compliance
Director of Compliance overseeing compliance for a telehealth startup. Ensuring regulatory adherence and integrity in mental health care services.
Senior Payments & Compliance Analyst
Senior Payments & Compliance Analyst at Leap ensuring compliance across SaaS platform and embedded payments. Collaborating with various teams to drive initiatives while managing risks and operational execution.
Associate Director – NERC O&P and CIP Compliance
NERC Operations & Planning compliance expert advising energy provider clients on regulatory standards. Lead compliance programs and assessments for utility operations within the electric grid.
Vice President – Regulatory Reform
Vice President leading IREC’s Regulatory Team to develop strategies for regulatory best practices in clean energy. Driving initiatives to enhance equity and access in the energy transition.
Compliance Intern, Summer 2026
Compliance Intern supporting key operational and regulatory initiatives within a fast-paced insurtech environment. Gaining real-world experience in compliance, legal, or insurance.
Chief Compliance Officer
Chief Compliance Officer at zerohash overseeing compliance program for the UK and managing the Compliance team. Leading compliance, regulatory, and licensing processes within the UK.
Healthcare Compliance Coordinator, English & Spanish
Compliance Coordinator ensuring credentialing and compliance operations remain documented for healthcare aides and therapists. Requires bilingual fluency in English and Spanish with strong organizational skills.
Director of Compliance Testing
Director of Compliance Testing overseeing compliance testing for risk management at Origin Bank. Developing and executing a comprehensive risk-based compliance program while supervising a team.
Compliance Coordinator
Regulatory and Compliance Coordinator assisting Stride Inc. with grants and contracts activities. Responsible for compliance reporting, submissions, and archival activities related to workforce investments.
Client Engagement Ops Analyst – Regulatory Risk Management
RRM Specialist managing a portfolio of regulatory and risk-sensitive client cases. Collaborating with Legal and Compliance teams to meet case handling standards in a remote environment.
Compliance Generalist
Compliance Generalist supporting compliance operations at SEC-registered investment adviser managing $1B in assets. Engaging in compliance policies and developing systems as needed.
Risk and Compliance Officer
Risk and compliance management intern supporting RATP Solutions Ville in addressing urban challenges. Collaborating on risk management, compliance, and internal control activities.
Compliance Manager
Manager of Compliance overseeing quality and regulatory activities for a Software as a Medical Device organization. Leading a compliance team and ensuring adherence to various regulations and standards.
Regulatory Affairs Specialist
Regulatory Affairs Specialist supporting compliance and quality reporting for Radiology, Anesthesia, and other specialties. Collaborating with Operations, Coding, and Business Intelligence teams to ensure regulatory readiness.
Senior Health and Safety Compliance Specialist
Senior Health and Safety Compliance Specialist at EHS Support leading compliance projects and mentoring. Responsible for H&S training, auditing, and regulatory reporting across various sectors.
Payer Compliance Specialist I
Payer Compliance Specialist analyzing allowed claims amounts and resolving payer issues at US Anesthesia Partners. Requirements include revenue cycle experience and healthcare billing knowledge.