Spring Health is hiring a
Senior Compliance Specialist

Summary

Join our mission to eliminate every barrier to mental health at Spring Health! We're on a mission to revolutionize mental healthcare by removing every barrier that prevents people from getting the help they need, when they need it. Our clinically validated technology, Precision Mental Healthcare, empowers us to deliver the right care at the right time—whether it’s therapy, coaching, medication, or beyond—tailored to each individual’s needs.

Requirements

• Bachelor’s degree plus 5+ years of experience in a compliance focused role
• You MUST have substantial ISO 27001 experience with in-depth knowledge of ISO 27001 standards management and implementation
• Emerging ISO 42001, NIST AI RMF or any other AI compliance experience
• Experience with other common security frameworks and regulations such as SOC2, HIPAA, GDPR, HITRUST and SOX
• Demonstrated understanding of emerging information security trends, including changes to security frameworks and regulatory requirements
• Self-starter, organized, efficient, and proactive
• Strong communication and cross organization collaboration skills

Responsibilities

• Develop, execute and ensure adherence to existing and planned compliance programs : Existing : SOC2 / HITRUST / HIPAA and GDPR Compliance; Planned: ISO 27001 / ITGC SOX / FedRAMP etc
• Expedite AI adoption with the implementation of required AI compliance programs such as ISO 42001, NIST AI RMF
• Lead and manage annual assessment and audit related works (assessment planning, internal assessments, actual assessment interviews, evidence requests coordination, remediation coordination etc.) with external (external assessors other certification authorities) and internal stakeholders (organization wide engineering teams)
• Provide timely updates and escalations to leadership
• Use, manage and maintain the GRC tool for effective compliance initiatives and activities
• Perform internal information security risk assessments, document control deficiencies, and develop recommendations for improvement
• Develop required plans, policies, procedures and SOPs to support compliance assessments and build better security posture for Spring Health
• Conduct continuous monitor activities by regularly - documenting updates to artifacts, risk management, access reviews etc
• Think out of the box and develop solutions to bring more automation and efficiency

Benefits

• Health, Dental, Vision benefits start on your first day at Spring Health. You and your dependents also receive an individual One Medical account which is valued at $199/year per user. HSA and FSA plans available
• A yearly allotment of no cost visits to the Spring Health network of therapists, coaches, and medication management providers for you and your dependents
• 10 allocated sick days per year
• Flexible paid time off in addition to 12 paid holidays throughout the year
• Access to Gympass, an on-demand virtual benefit that provides wellbeing coaching, and budget management
• Spring Renewal: When you hit your four-year Springaversary, you’ll be awarded a four week, fully paid, sabbatical leave to renew and recharge
• 4-4.5 months of fully paid parental leave
• Spring Health provides team members and their families with sponsored access to Bright Horizons child care, back-up care, and elder care
• Access to fertility care support through Carrot, in addition to $4,000 reimbursement for related fertility expenses