Senior Privacy Program Manager - Security Compliance

Senior Manager, Privacy Program Our mission at HubSpot is to help millions of organisations grow better. As part of our Legal & Compliance organisation, you’ll lead the global Privacy Program—driving scalable governance, risk, and compliance practices that enable HubSpot to innovate responsibly. You’ll partner cross-functionally with Legal, Product, Engineering, and Security teams to embed privacy and data-protection principles across the business. This role blends strategic vision with hands‑on execution and is ideal for a collaborative leader who thrives at the intersection of privacy, technology, and business.

What You’ll Do

Own the design, delivery, and continuous improvement of HubSpot’s enterprise Privacy Program.

Lead cross‑functional workstreams to embed privacy‑by‑design and AI‑governance principles into the product development lifecycle.

Operationalize global privacy and AI‑regulatory frameworks (e.g., GDPR, CCPA/CPRA, LGPD, EU AI Act) through scalable processes and tooling.

Maintain and evolve data‑inventory and data‑flow mapping programs to strengthen transparency and accountability.

Drive the Data Protection Impact Assessment (DPIA) and related governance processes.

Develop and deliver privacy awareness, education, and communications for technical and business audiences.

Define and report on program KPIs, audit findings, and risk indicators to leadership; ensure timely remediation.

Partner with Third‑Party Risk Management to embed privacy controls into vendor lifecycle management.

Collaborate closely with Legal, Security, Product, and Business stakeholders to align privacy operations with HubSpot’s strategic priorities.

What You’ll Bring Required Qualifications

Progressive experience in privacy, data‑protection, or compliance program management—ideally in a technology, SaaS, or AI‑driven environment.

Strong understanding of global privacy laws and frameworks (e.g., GDPR, CCPA/CPRA, LGPD, AI Act) and how to operationalize them.

Proven ability to lead complex, cross‑functional initiatives and deliver measurable outcomes.

Excellent program and project‑management skills, including prioritization and stakeholder alignment.

Clear communication skills; able to translate regulatory or technical concepts for diverse audiences.

CIPP/E, CIPM, or equivalent privacy certification.

Familiarity with frameworks such as ISO 27701, NIST, or SOC 2.

Nice-to-Have Qualifications

Experience with AI governance or model‑risk‑management frameworks.

PMP or similar project‑management certification.

Experience with privacy‑technology tools (OneTrust, TrustArc, etc.).

Exposure to data‑protection auditing or regulatory engagement.