Senior Compliance Specialist

Summary

Join HubSpot's Compliance Assurance team and contribute to building a secure and efficient future. The team focuses on IT audit, risk, and compliance, developing custom solutions for the organization's unique needs. You will assist in directing IT SOX compliance work streams, develop and maintain IT standards and procedures, participate in system implementation projects, and implement tools for ongoing control monitoring. Collaboration with various stakeholders is crucial. The ideal candidate possesses a strong understanding of IT control fundamentals and SOX requirements, along with experience in IT risk assessments and mitigation strategies. HubSpot offers a dynamic team environment and opportunities to challenge the status quo.

Requirements

• Have experience supporting IT SOX audit engagements and a solid understanding of SOX requirements
• Are capable of conducting IT risk assessments and developing mitigation strategies with guidance
• Possess a good understanding of IT general controls (ITGC) across security, change management, and computer operations
• Demonstrate understanding of business process and IT application controls (ITAC) related to financial reporting systems
• Possess a working knowledge of industry-standard IT frameworks and regulations (e.g. COSO, COBIT, NIST CSF, CIS, SOC (1 & 2), PCI DSS, and ISO 27001, to name a few) and ability to apply their requirements to system and process implementations
• Are knowledgeable about various operating systems, databases, networking technologies, service delivery implementations (including SaaS, IaaS, and PaaS), and modern development processes
• Are highly organized, have strong attention to detail
• Are comfortable multi-tasking and performing multifaceted projects
• Have good oral and written communication skills
• Are a good collaborator and possess the ability to form partnerships with key stakeholders
• Demonstrate a continuous learning mindset
• Are comfortable taking initiative and accepting responsibility for assigned tasks with some supervision
• Are service-oriented
• Have 4-6 years of technical IT audit and/or advisory experience
• Have experience in assisting with scoping, planning and executing audits and projects

Responsibilities

• Assist in directing and orchestrating work streams related to IT SOX compliance, including planning, scoping, risk assessment, testing enablement, and issue management
• Help develop, implement, and maintain IT standards, procedures, stakeholder guidance, and tailored control recommendations to ensure adherence to SOX requirements and best practices
• Maintain and update SOX documentation, including risk control matrices, process narratives, and flowcharts
• Participate in system development, acquisition, and implementation projects and advise stakeholders on the design and implementation of internal controls to address process risks and maintain adherence to compliance requirements
• Implement and manage tools and processes for the ongoing monitoring of IT controls and compliance status
• Serve as a point of contact for audit coordination, scheduling, and managing information flow between control owners and internal/external audit personnel
• Translate business and control requirements into the design of features and enhancements in our compliance tools
• Assist in escalating issues to senior management, developing and negotiating remediation plans and tracking issues to resolution

Preferred Qualifications

• Experience in mentoring junior IT audit or compliance staff is a plus
• Have a CISA, CIA, CPA or equivalent professional qualification (or are in progress)

Benefits

• Base salary
• On-target commission for employees in eligible roles
• Annual bonus targets under HubSpot’s bonus plan for eligible roles
• HubSpot’s equity plan to receive restricted stock units (RSUs)
• Overtime pay