Governance, Risk and Compliance Officer

**Eucalyptus **(or 'Euc' for short) is a healthcare technology organisation on a mission to deliver high-touch, high-quality care to millions of patients.

Eucalyptus is a house of consumer healthcare brands built off of a core shared technology and services layer. We have 4 healthcare brands that form the connective tissue between telehealth consults with doctors, pharmacy delivery and ongoing patient care. Our goal is to provide a differentiated and comprehensive care experience for a wide variety of patients and conditions.

We're looking for a Governance, Risk and Compliance (**GRC**) Officer to help us mitigate privacy and cybersecurity risk across our global operations in Sydney, London, Manila and Berlin. You'll join our fast-growing Trust team, responsible for cybersecurity, GRC, IT operations, and privacy.

**In this role, you'll**:

- Support GRC initiatives by assessing risk in relation to business processes and systems.
- Develop reporting metrics and dashboards for the efficient monitoring of Euc's security positioning at scale.
- Implement security controls, risk assessment frameworks, and internal policies, procedures and programs that align with regulatory requirements (eg GDPR) and cybersecurity frameworks such as the CIS18 and ISO27001.
- Improve Euc's security positioning through process improvement, policy, automation, and continuous evolution of capabilities.
- Define and document business process responsibilities and ownership of controls.
- Schedule regular assessments and testing of effectiveness and efficiency of controls and create GRC reports.
- Perform and investigate internal and external information security risk and exceptions assessments.
- Document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
- Assist other staff in the management and oversight of security program functions.
- Train, guide and act as a resource on security assessment functions to other departments at Euc.
- Perform other related duties as assigned.

**Why you'll love this role**:

- You'll gain exposure to managing risk within a global operation that manages sensitive information.
- You'll straddle technical, risk and legal fields and build a cross-functional skillset to tackle difficult problems.
- You'll work with a highly specialised and driven team that's operating at speed within a fast-paced scale-up environment.

**Experience and Requirements**:

- At least 2 years of relevant work experience (eg, law, risk, compliance, analyst, policy design or systems design).
- Be a self-starter, able to work autonomously with strong partnering, organisation and analytical skills.
- Have strong communication skills, and be able to interact constructively with internal personnel and also with external stakeholders.
- Be a quick-learner and willing to up-skill or adapt to areas with less familiarity.

**So, why join Eucalyptus?**

Our mission is to take a high-friction healthcare experience, and make it an experience that patients love - through a technology platform that provides care from first contact to treatment delivery. We work with doctors and a range of medical professionals; our 4 brands speak to different people at different stages of their life and needs. This has been built by our talented and ambitious team in just over 3 years

**Euc also offers amazing benefits to our permanent staff**:

- **Employee-only discounts** from our portfolio of healthcare brands: Pilot, Kin Fertility, Software, Juniper
- **Wellness benefits** include Employee Assistant Program and Health & Fitness allowance
- We have **social clubs** that allow you to bond with employees with similar interests Each club has an allocated annual budget available to spend on related activities
- We offer **work from home** two days per week
- **Euc-wide social events** happen at least once a quarter
- Inclusive parental leave that offers 20 weeks paid leave for a primary carer
- **Work from home** days up to 2 days / week
- We are proud to be a part of Kin Fertility's **#WeNeedMoreLeave** campaign with raising awareness and encouraging businesses, big or small, to increase their paid miscarriage leave to at least 10 days
- **Euc and Brand merch** designed by our very own in-house creative team