Senior Security & Compliance Analyst

About the role

About the Senior Security & Compliance Analyst at Headspace : What you will do: Interact closely with other cyber security architects, privacy officer, general counsel, engineering, and product management teams to ensure adequate security capabilities and controls are in place within the technology stack to mitigate security risks and meet the highest security and compliance requirements. Work closely with prospects and the proposal managers to provide detailed responses to security assessment questionnaires. Continuously research, design, advocate and recommend new security technologies, architectures, and products that will ensure meeting all compliance requirements. Function as the go-to individual with in-depth understanding of all security and compliance related nuances within the Headspace Health stack. Develop the ability to effectively navigate a highly complex environment to independently retrieve technical evidence for gaining assurance over the effectiveness of controls. Serve as the subject matter expert who will actively guide the broader risk and compliance team on all security-related technical components within the environment. Conduct ad-hoc security architecture/application reviews to assess new risks, keep abreast of latest cyber security technical risks, and foster a culture of continuous service improvement and service excellence. Pre-audit analysis, strategic product analysis, diligence for components/technologies under review. Support for product testing in the course of audit and provide the post-audit analysis and assessment. Telecommuting permitted pursuant to company policy. What you will bring : Required Skills: Education Requirements: Bachelor's degree or foreign equivalent in Computer Engineering, Management Information Systems, Cybersecurity or related field. Experience Requirements: Two (2) years of experience in the position offered, as a Security Analyst or related occupation. Must have experience with the following: industry security compliance frameworks and regulations (ISO 27001/2, PCI-DSS, HIPAA, GDPR, FedRAMP, HITRUST, SOC 1, SOC 2, and international privacy requirements; cloud security concepts (DevSecOps, Infrastructure as Code (IaC), Continuous Integration/Continuous Deployment (CI/CD), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST)); agile secure software development lifecycle and distinguishing core inputs and outputs in each cycle; security engineering practices (incident response, anti-malware solutions, threat detection, and vulnerability management); assessing and managing risks associated with third-party vendors and partners handling PII/PHI; developing and delivering security awareness training, emphasizing compliance and best practices in handling sensitive client information. Location: We are currently hiring this role remotely in the Los Angeles, CA area. Candidates must permanently reside in the US full-time. Pay & Benefits : The anticipated new hire base salary range for this full-time position is $122,400 - $195,500 + equity + benefits. Our salary ranges are based on the job, level, and location, and reflect the lowest to highest geographic markets where we are hiring for this role within the United States. Within this range, individual compensation is determined by a candidate's location as well as a range of factors including but not limited to: unique relevant experience, job-related skills, and education or training. Your recruiter will provide more details on the specific salary range for your location during the hiring process. At Headspace , base salary is but one component of our Total Rewards package. We're proud of our robust package inclusive of: base salary, stock awards, comprehensive healthcare coverage, monthly wellness stipend, retirement savings match, lifetime Headspace membership, generous parental leave, and more. Additional details about our Total Rewards package will be provided during the recruitment process. About Headspace Headspace exists to provide every person access to lifelong mental health support. We combine evidence-based content, clinical care, and innovative technology to help millions of members around the world get support that's effective, personalized, and truly accessible whenever and wherever they need it. At Headspace , our values aren't just what we believe, they're how we work, grow, and make an impact together. We live them daily: Make the Mission Matter, Iterate to Great, Own the Outcome, and Connect with Courage. These values shape our decisions, guide our collaborations, and define our culture. They're our shared commitment to building a more connected, human-centered team-one that's redefining how mental health care supports people today and for generations to come. Why You'll Love Working Here: A mission that matters-with impact you can see and feel A culture that's collaborative, inclusive, and grounded in our values The chance to shape what mental