Senior Technology Risk and Compliance Analyst

About Eucalyptus

Eucalyptus (or 'Euc' for short) is an Australian founded digital healthcare company that is on a mission to solve the world’s biggest healthcare challenges - think fertility, and behavioural change around chronic conditions such as weight loss, diabetes, and mental health.

Founded in Australia in 2019, we have now helped over 500K patients globally by combining technology, design and operational excellence to help patients access the best clinical support when they need it - wherever they are.

Our 5 clinics (Juniper, Pilot, Kin, Software, & Compound) focus heavily on personalising the experience for different demographics and are powered by a growing team across 5 countries (Australia, UK, Germany, Japan, and the Philippines).

We’ve raised over AUD$160M in funding from Aussie and Silicon Valley investors who were early backers of Uber, Canva and AirBnb. With plans to launch into several more markets, offline channels, and tackle new conditions.

We’re looking to continue building our team of executional weapons who are passionate about healthcare, aren’t afraid to work hard, and invest in others through direct and honest feedback. This approach enables us to make the most impactful changes to improve the health of millions of patients globally.

About the role (What you'll be doing) As a Senior Technology Risk and Compliance Analyst you will join our Trust Team (IT, Infrastructure and Cybersecurity) at Eucalyptus and contribute to building and maintaining a reliable digital health platform. You will drive technology risk management initiatives to help uplift our security posture and maintain trust in our healthcare services.

Key Responsibilities:

• Deliver security and privacy projects. You’ll design and run security and privacy management programs focused on customer trust, security awareness and third party risk management.
• Manage our technology compliance. You’ll manage our compliance with with regulatory requirements such as GDPR and cybersecurity frameworks such as CIS18 and ISO27001. You’ll design and implement security controls, policies and procedures to meet compliance requirements.
• Manage our data governance program. You'll manage and mature our data governance program to ensure compliance with GDPR data security and privacy requirements. You will partner with stakeholders across our business to document our current data holdings, usage, and retention requirements.
• Partner with business and technology teams. You’ll act as an advisor to our business and technology teams to develop and maintain sustainable risk mitigation strategies. You’ll take a data-based approach to enable the business to effectively prioritise initiatives based on risk exposure.

About You (Who you are)

As a key member of our GRC team, you will have:

• At least 3 years of experience in technology risk management, cybersecurity or privacy.
• Experience identifying, assessing and reporting on cybersecurity risks using quantitative and qualitative measures.
• Experience implementing controls and policies to meet ISO 27001 and GDPR requirements.
• Experience managing and maturing two or more of the following risk and compliance domains:
  • Customer trust
  • Third party risk management
  • Security awareness
  • Data management and governance
  • Risk reporting
• Excellent written and verbal communication skills, particularly in communicating technology risks to technical and non-technical audiences.
• The ability to build and maintain relationships with various stakeholders, including influencing at various levels.
• Strong analytical skills and attention to detail.

Why you should join Euc

• Our teams are incredibly passionate - Our talent bar is high and our work ethic is strong. You’ll get to stretch yourself everyday and work amongst people who care deeply about our patients. You’ll be given autonomy to tackle interesting problems and receive regular feedback from a supportive team
• We move at incredible speed - You’ll work with team mates who build in the open by sharing their work freely, this helps us learn and iterate quickly so we can deliver high quality outcomes faster than our competitors. You’ll **spend a lot of time outside of your comfort zone learning and iterating frequently, we wouldn’t have it any other way
• We will invest in your career - You’ll get access to an annual professional development budget, mentors and buddies to ensure that you have the support you need to level up. You can expect regular performance and pay reviews as your career grows. We're championing the next generation of talent – Euc has been recognised in Hatch's Hotlist as a Australia's top employer, as rated by Gen Z's.
• We are all owners - You’ll be given equity to ensure that you are able to benefit in the upside of your contribution in helping Euc grow. Your ideas will be valued regardless of your role, you will have ownership over the projects you work on which will feel both terrifying but extremely fulfilling
• We play as hard as we work - You’ll experience our frequently catered wellness themed talks, exercise classes, whoops to track your wellbeing, free barista coffees, funded social clubs and quarterly rooftop parties…we know how to let our hair down!
• We’ll have your back when you need us the most - You’ll be able to lean on a range of leave offerings to support you when needed, this includes: personal health and professional development leave, a generous parental leave that offers 20 weeks paid leave for a primary carer, additional miscarriage leave (see more on Kin Fertility’s #WeNeedMoreLeave campaign), as well as our Employee Assistance Programme‍

At Eucalyptus, we value individuals from all backgrounds, experiences, and perspectives, and we embrace the unique qualities each person brings. When you apply, please let us know of any reasonable adjustments you may need during the interview process.