Job Number:
HC-05106
Date Posted:
April 15, 2026
Position Title:
Senior Compliance Specialist
Party:
N/A
Office Code:
Office/Company:
Spring Health
Reports To:
Location:
Remote
Contact:
Salary:
$125,000–$138,000
Primary Role:
Secondary Role:
Job Type:
Full Time
Description:
Supporting the IT Compliance team with the following responsibilities, including but not limited to: Support and contribute to established compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, and readiness efforts for ISO 27001, ISO 42001, and ITGC-SOX, under the guidance of senior compliance leadership. Bachelor’s degree plus 5+ years of experience in a GRC, IT compliance, security, or risk-focused role.
Responsibilities:
• Support and contribute to established compliance programs including SOC 2 Type II, HITRUST, HIPAA, GDPR, and readiness efforts for ISO 27001, ISO 42001, and ITGC-SOX, under the guidance of senior compliance leadership.
• Execute day-to-day audit and assessment activities such as evidence collection, coordination of internal interviews, documentation review, and remediation tracking.
• Partner closely with engineering, IT, security, and business teams to validate that controls are implemented and operating as designed.
• Assist with third-party risk management and supply chain compliance activities, including vendor due diligence and ongoing monitoring.
• Contribute to customer assurance efforts, including drafting questionnaire responses and participating in customer calls alongside more senior compliance team members.
• Support the execution and maintenance of Business Continuity and Disaster Recovery plans, including documentation updates and testing coordination.
Qualifications:
• Bachelor’s degree plus 5+ years of experience in a GRC, IT compliance, security, or risk-focused role.
• Hands-on experience supporting audits and assessments aligned to frameworks such as SOC 2, HITRUST, HIPAA, GDPR, ISO 27001, and SOX ITGCs.
• Foundational experience supporting Business Continuity and Disaster Recovery (BCDR) activities, including documentation maintenance, testing coordination, and alignment to frameworks such as SOC 2, ISO 27001, and HITRUST.
Instructions:
Email to apply
Other:
Spring Health is proud to be an equal opportunity employer.