We’re looking for a Compliance Analyst (GRC) in our Trust Team to help us mitigate privacy and cybersecurity risk across our global operations in Sydney, London, Manilla and Berlin.

You’ll play a critical role in monitoring, administering and maintaining our GRC operations across the world. It’s an exciting opportunity to help shape the future of healthcare by ensuring that our practices are best-in-market when it comes to protecting data and mitigating risk.

Why join Eucalyptus?

We are building the future of accessible, patient-centric healthcare!

We have built a technology platform that brings high touch healthcare into the internet age. We plug into doctors, specialists and pharmacies to provide high quality, convenient health products and services.

Our platform currently has 4 healthcare brands that serve patients with different needs and at all stages of their life.

• Pilot provides men with a safe space to access care for sexual health, hair and weight
• Kin supports a woman’s entire fertility and health journey
• Software makes it easy to access effective anti-aging and acne treatment
• Juniper supports older women through menopause and their weight loss journey

In just 3 years, we have helped over 200,000 patients across our four brands. And yet, we believe we have only scratched the surface of what is possible in digital healthcare.

‍How do we work at Eucalyptus?

You’ll be surrounded by a world-class team of thinkers, designers, engineers and leaders who are obsessed with three things:

1. The health and wellbeing of the average person
2. Creating personalised, engaging, convenient user-experiences
3. Making healthcare fun and interesting (because it is)

The organisation is flat and decision making happens regularly and rapidly at every level of the business. Ultimately, people are given the freedom to make decisions (and mistakes), and learn from the journey. We like to set goals with the mindset that if we hit them all, we haven’t challenged ourselves enough.

Why you'll thrive here

Here are the highlights:

• Come and experience the growth at one of the fastest growing startups (LinkedIn #5 fastest growing startups in Australia) while we are still small (~250 people).
• Push yourself with challenges that are world-first, unique and exhilarating.
• See the meaningful impact of your work on over tens of thousands of actual users (check out the customers that love us!)
• Learn from some of Australia’s best marketers, engineers, creatives, operations specialists, and medical professionals - joining a diverse team from Atlassian, Canva, Google, Koala, McKinsey, Bain, BuzzFeed, Optiver, Halter and many many more.
• A share in the company (equity), so you are rewarded for your best work.
• And also it goes without saying: hybrid work set-up, parental leave, wellness benefits, employee discounts, social clubs sponsorships, and learning and development budgets for all of our staff.
• Life is too short to not be curious

Euc also offers amazing benefits to our permanent staff based in our Manila HQ office:

• Competitive monthly salary plus government contributions.
• HMO for yourself and 1 dependent.
• Hybrid work setup to work flexibly from home, and enjoy time in the office with your colleagues.
• Social clubs that allow you to bond with employees with similar interests! Some of our favourites include #kpop-club, #basketball-club, and #euc-kids-club (a great place for parents).
• Fun office parties and team dinners (did someone say KTV?) so you can bond with your team regularly.
• Eucalyptus and brand merchandise designed by our very own in-house creative team.
• Become part of one of the fastest growing startups in the APAC region while we are still small in size (~200 people), during a time of exciting innovation and growth.
• Work from Manila and maintain high collaboration with the teams in Australia.
• Drive meaningful impact for tens of thousands of actual patients through your work, helping them live healthier, happier and longer lives.
• Learn from some of APAC’s best marketers, engineers and creatives, joining a diverse team from successful and disruptive companies such as Atlassian, Canva, Koala and more.

In this role, you’ll do:

• Compliance Management: monitor and assess business processes and systems for compliance with internal policies.
• Privacy Impact Assessments: complete privacy impact assessments for our GDPR operations, in accordance with existing internal procedures.
• Service Provider Management: review new service providers, renewals and contracts to ensure compliance with relevant regimes (eg, GDPR) and manage service provider spend.
• Audits: conduct audits of our existing business processes and systems and report back on results.
• Incident and Log Management: monitor logs and triage incidents at first instance, in accordance with existing policies and procedures.
• Training: manage and implement phishing simulations and other training to increase awareness within the business.
• Reports: update our cybersecurity metrics on a regular basis and report back to the Trust Squad and the business.
• ISO27001: assist our Trust Squad in obtaining external certification through the ISO27001 regime.

Why you’ll love this role:

• You’ll gain exposure to global compliance issues, including implementing procedures and policies to ensure compliance with multiple frameworks (eg, ISO27001; GDPR).
• You’ll take a data-driven approach to compliance to measure and highlight the impact and effectiveness of our policies and procedures.
• You’ll become experienced at service provider management and working with other teams to manage cybersecurity risks.

Experience and Requirements:

• At least 4 years of experience in compliance, risk, or auditing work, particularly in information security, governance risk and compliance (GRC), or privacy law (eg, GDPR).
• Excellent analytical, organisational, problem solving, and oral and written communication skills.
• Ability to work independently, maintain a high degree of accuracy, and pay strict attention to detail.
• Must be able to work on multiple tasks simultaneously, including under pressure or under deadlines.
• Must have excellent English and confidence working with spreadsheets.
• Must be able to work well with other people within the business, including in different countries across the world.
• Previous experience in GDPR or ISO27001 compliance is preferred but not necessary.