Technology Risk and Compliance Analyst

Healthcare is usually slow and boring. We believe in its potential to be exciting and entertaining. But changing the healthcare experience is hard – and we’re gonna need all the help we can get…!

About Eucalyptus

Eucalyptus (or 'Euc' for short) is an Australian founded digital healthcare company that is on a mission to solve the world’s biggest healthcare challenges - think fertility, and behavioural change around chronic conditions such as weight loss, diabetes, and mental health.

Founded in Australia in 2019, we have now helped over 500K patients globally by combining technology, design and operational excellence to help patients access the best clinical support when they need it - wherever they are.

Our 5 clinics (Juniper, Pilot, Kin, Software, & Compound) focus heavily on personalising the experience for different demographics and are powered by a growing team across 5 countries (Australia, UK, Germany, Japan, and the Philippines).

We’ve raised over AUD$160M in funding from Aussie and Silicon Valley investors who were early backers of Uber, Canva and AirBnb. With plans to launch into several more markets, offline channels, and tackle new conditions.

We’re looking to continue building our team of executional weapons who are passionate about healthcare, aren’t afraid to work hard, and invest in others through direct and honest feedback. This approach enables us to make the most impactful changes to improve the health of millions of patients globally.

About the role (What you'll be doing)

As a Technology Risk and Compliance Analyst, you will join our Trust Team (IT, Infrastructure and Cybersecurity) at Eucalyptus and contribute to building and maintaining a reliable digital health platform. You will lead security and compliance initiatives that strengthen our security posture and enable us to build trust with patients.

Key Responsibilities:

• Manage our technology compliance. Manage our compliance with with regulatory requirements such as GDPR and cybersecurity frameworks such as CIS18 and ISO27001. You’ll conduct gap analyses and coordinate with departments across our business to implement necessary controls and policies.
• Manage our third-party risk management program. Perform risk assessments on external vendors and software providers. Provide advice on mitigation strategies to protect sensitive health data.
• Lead our security awareness program. Design and deliver engaging security awareness training programs for our employees across six countries. Measure effectiveness through regular phishing simulations and feedback.
• Track and communicate cybersecurity metrics. Create cybersecurity reports and dashboards to highlight the effectiveness of the cybersecurity program to technical and non-technical stakeholders.
• Lead user access governance. Lead user access reviews for critical systems to support our commitment to the principle of least privilege.

About You (Who you are)

As a key member of our GRC team, you will have:

• At least 4 years of experience in technology risk management, compliance, cybersecurity or privacy.
• Hands-on experience implementing controls and policies to meet ISO 27001 requirements.
• Experience performing risk assessments on third party vendors and software providers.
• Experience developing and delivering security awareness training for non-technical audiences.
• Strong analytical and problem-solving skills.
• Excellent time management skills; able to juggle multiple priorities and deadlines.
• Excellent written and verbal communication in English.
• Ability to work with stakeholders in different countries and business functions.

Why you should join Euc

• Our teams are incredibly passionate - Our talent bar is high and our work ethic is strong. You’ll get to stretch yourself everyday and work amongst people who care deeply about our patients. You’ll be given autonomy to tackle interesting problems and receive regular feedback from a supportive team
• We’ll have your back when you need us the most - You’ll be able to lean on a range of leave offerings to support you when needed from Day 1, this includes: sick, maternal/paternal, compassionate, and vacation leave. Personal health days leave and budget to encourage you to take care of your well-being. A reliable health insurance provider accredited by major hospitals, clinics, and diagnostic centers nationwide, plus coverage of up to two dependents. Standard employer share for statutory benefits (SSS, PhilHealth, and HDMF), and 13th month pay. Also, transportation allowance to support your expenses when reporting to our Makati office.
• We will invest in your career - You’ll get access to an annual professional development budget and additional leave credits, mentors and buddies to ensure that you have the support you need to level up. You can expect regular performance and pay reviews as your career grows.
• We move at incredible speed - You’ll work with team mates who build in the open by sharing their work freely, this helps us learn and iterate quickly so we can deliver high quality outcomes faster than our competitors. You’ll **spend a lot of time outside of your comfort zone learning and iterating frequently, we wouldn’t have it any other way

At Eucalyptus, we value individuals from all backgrounds, experiences, and perspectives, and we embrace the unique qualities each person brings. When you apply, please let us know of any reasonable adjustments you may need during the interview process.