Senior IT Compliance Specialist
Our mission: to eliminate every barrier to mental health.
Spring Health is the leading comprehensive mental health benefit for employers. We help employees understand their mental health issues and connect with best-in-class providers to get the right treatment at the right time.
From early detection to full recovery, Spring Health is the only clinically validated solution in the market proven to be more effective than traditional mental healthcare. By combining the latest technology with vetted providers, we help engage 1 in 3 employees, reduce recovery times, and lower healthcare costs. We are an award-winning, passionate, and mission-driven team with the support of leaders in psychiatry. We have raised over $300 million to date from prominent investors including Kinnevik, Tiger Global, Northzone, RRE Ventures, Rethink Impact, Work-Bench, William K Warren Foundation, SemperVirens, Able Partners, True Capital Ventures, and a strategic investor Guardian Life Insurance. Thanks to their partnership, our current valuation has reached $2 billion.
Reporting to the Director of Information Security, the Senior Compliance specialist will assist with all matters relating to Information Security compliance including PCI-DSS, SOC2 Type II, and HIPAA.
What You’ll Be Doing:
- Drive the IT Compliance programs
- Manage and track certification and audit work as it relates to SOC II, PCI- DSS, and HIPAA
- Establish a more efficient evidence gathering and reporting process
- Implement a GRC to more effectively manage all compliance initiatives and activities
- Assist with day-today compliance reviews (third party vendor reviews, SaaS access reviews, data mapping, data privacy requests, RFPs, etc.)
- Develop and update standards, policies, and procedures as well as best practices documentation in line with compliance requirements
- Respond to client intake requests related to data privacy and security
- Support development of processes and procedures to strengthen the security posture of the organization
What we expect from you:
- Bachelor’s degree in a computing related discipline
- 3-5 years of experience in a compliance focused role
- Experience with the certification processes for SOC2, HIPAA, and PCI-DSS
- Self-starter, organized, efficient, and proactive
- Great communication skills
Benefits of working at Spring Health:
Focus on total health including:
Generous medical, dental, vision coverage available day 1 + access to One Medical
Access to Spring Health’s platform which includes (10) free therapy sessions
Unlimited time off in addition to (12) paid holidays
16-18 weeks paid parental leave
$500 per year Wellness Reimbursement
Creating a culture you can thrive in:
Flexible remote and hybrid work style arrangements
Calm Fridays to encourage meeting & distraction free days
Donation matching to support your favorite causes
Employee resource groups
Supporting you financially through:
Competitive mix of salary and stock options
Employer sponsored 401(k) match
In addition to finding people who are truly excellent at what they do, we take our values at Spring Health seriously:
Members Come First We are genuine member advocates.
Move Fast to Change Lives We build with urgency and intention.
Take Ownership We extend trust and hold ourselves accountable.
Embrace Diverse Teams & Perspectives We find strength in the diversity of cultural backgrounds, ideas, and experiences.
Science Will Win We will achieve impact by innovation and evidence based frameworks.
Candor with Care We are open, honest and empathetic.
Spring Health is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex, marital status, ancestry, disability, genetic information, veteran status, gender identity or expression, sexual orientation, or other applicable legally protected characteristic. We also consider qualified applicants regardless of criminal histories, consistent with applicable legal requirements. Spring Health is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans. If you have a disability or special need that requires accommodation, please let us know.
#LI-remote
#LI-WK1