Senior Compliance Specialist

Our Mission: To Eliminate Every Barrier To Mental Health.

At Spring Health, we’re on a mission to revolutionize mental healthcare by removing every barrier that prevents people from getting the help they need, when they need it. Our clinically validated technology,

Precision Mental Healthcare

, empowers us to deliver the right care at the right time—whether it’s therapy, coaching, medication, or beyond—tailored to each individual’s needs.

We proudly partner with over 450 companies, from startups to multinational Fortune 500 corporations, as a leading provider of mental health service, providing care for 10 million people. Our clients include brands you use and know like Microsoft, Target, and Delta Airlines, all of whom trust us to deliver best-in-class outcomes for their employees globally. With our innovative platform, we’ve been able to generate a

net positive ROI

for employers and we are the only company in our category to earn

external validation

of net savings for customers.

We have raised capital from prominent investors including Generation Investment, Kinnevik, Tiger Global, Northzone, RRE Ventures, and many more. Thanks to their partnership and our latest Series E Funding, our current valuation has reached $3.3 billion. We’re just getting started—join us on our journey to make mental healthcare accessible to everyone, everywhere.

Reporting to the Sr Manager, IT Compliance, the Senior Compliance Specialist will assist with all matters relating to Information Security compliance including SOC 2 Type II, HITRUST, Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), ISO 27001, ISO 42001 and ITGC-SOX.

This is a full time position that is fully remote.

What You’ll Do

Supporting the IT Compliance team with the following responsibilities, but not limited to:

Support and contribute to established compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, and readiness efforts for ISO 27001, ISO 42001, and ITGC-SOX, under the guidance of senior compliance leadership.

Execute day-to-day audit and assessment activities such as evidence collection, coordination of internal interviews, documentation review, and remediation tracking.

Partner closely with engineering, IT, security, and business teams to validate that controls are implemented and operating as designed.

Assist with third-party risk management and supply chain compliance activities, including vendor due diligence and ongoing monitoring.

Contribute to customer assurance efforts, including drafting questionnaire responses and participating in customer calls alongside more senior compliance team members.

Support the execution and maintenance of Business Continuity and Disaster Recovery plans, including documentation updates and testing coordination.

Operate and maintain the GRC tooling, ensuring evidence is accurate, complete, and audit-ready.

Perform internal control testing and risk assessments, document gaps, and support remediation tracking and follow-up.

Draft and maintain policies, procedures, and SOPs in alignment with established standards and frameworks.

Perform continuous monitoring activities such as access reviews, control testing, and artifact updates.

Escalate risks, blockers, or ambiguity appropriately, providing timely updates and context to senior compliance leadership.

What Success Looks Like

Reliable, high-quality execution of assigned compliance activities and audit tasks.

Well-organized, accurate evidence and documentation that requires minimal rework.

Successful support of SOC 2 and HITRUST audits through timely delivery of assigned responsibilities.

Strong working relationships with cross-functional partners built on responsiveness and follow-through.

Demonstrated growth in autonomy, judgment, and ability to handle increasingly complex compliance work over time.

What You’ll Bring

Bachelor’s degree plus 5+ years of experience in a GRC, IT compliance, security, or risk-focused role.

Hands-on experience supporting audits and assessments aligned to frameworks such as SOC 2, HITRUST, HIPAA, GDPR, ISO 27001, and SOX ITGCs.

Foundational experience supporting Business Continuity and Disaster Recovery (BCDR) activities, including documentation maintenance, testing coordination, and alignment to frameworks such as SOC 2, ISO 27001, and HITRUST.

Working knowledge of control execution, evidence requirements, and audit processes.

Ability to operate independently within defined scope while seeking guidance on complex or novel issues.

Strong organizational skills and attention to detail in managing documentation and deadlines.

Clear written and verbal communication skills, with comfort collaborating across technical and non-technical teams.

The target base salary range for this position is

$125,000 - $138,000

, and is part of a competitive total rewards package including equity and benefits. Individual pay may vary from the target range and is determined by a number of factors including experience, location, internal pay equity, and other relevant business considerations. We review all employee pay and compensation programs annually using

Radford Global Compensation Database

at minimum to ensure competitive and fair pay.

Benefits Provided By Spring Health

Note

: We have even more benefits than listed

here

and below, your recruiter will provide more in-depth information as you continue in the interview process. Benefits are subject to individual plan requirements and eligibility criteria.

Health, Dental, Vision benefits start on your first day at Spring. You and your dependents also receive access to

One Medical

accounts HSA and FSA plans are also available, with Spring contributing up to $1K for HSAs, depending on your plan type.

Employer sponsored 401(k) match of up to 2% for retirement planning

A yearly allotment of no cost visits to the Spring Health network of therapists, coaches, and medication management providers for you and your dependents.

We offer competitive paid time off policies including vacation, sick leave and company holidays.

At 6 months tenure with Spring, we offer parental leave of 18 weeks for birthing parents and 16 weeks for non-birthing parents.

Access to

Noom

,

a weight management program—based in psychology, that’s tailored to your unique needs and goals.

Access to fertility care support through

Carrot

, in addition to $4,000 reimbursement for related fertility expenses.

Access to

Wellhub

,  which connects employees to the best options for fitness, mindfulness, nutrition, and sleep in one subscription

Access to

BrightHorizons

, which provides sponsored child care, back-up care, and elder care

Up to $1,000 Professional Development Reimbursement a year.

$200 per year donation matching to support your favorite causes.

Not sure if you meet every requirement?

Research shows

that women and people from historically underrepresented communities often hesitate to apply for roles unless they meet every qualification compared to other similarly-qualified candidates. At Spring Health, we are committed to fostering a workplace where everyone feels valued, empowered, and supported to

Thrive

. If this role excites you, we encourage you to apply.

Ready to do the most impactful work of your life? Learn more about our values, what it’s like to work here, and how hypergrowth meets impact at Spring Health:

Our Values

Our Privacy Policy

https://springhealth.com/privacy-policy/

Spring Health is proud to be an equal opportunity employer. We do not discriminate in hiring or any employment decision based on race, color, religion, national origin, age, sex, marital status, ancestry, disability, genetic information, veteran status, gender identity or expression, sexual orientation, pregnancy, or other applicable legally protected characteristic. We also consider qualified applicants regardless of criminal histories, consistent with applicable legal requirements. Spring Health is also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans. If you have a disability or special need that requires accommodation, please let us know.