Compliance Engineer - II

Location: Bengaluru,Karnataka,India

About MediBuddy

MediBuddy is India’s largest on-demand, full-stack digital healthcare platform that helps patients access multiple healthcare services. It gives users 24x7 access to high-quality healthcare at their fingertips. MediBuddy helps its users consult specialist doctors, order medicines and book lab tests from the comfort of their homes. It is also a partner to several leading corporate customers in the country and helps their employees access multiple healthcare benefits. MediBuddy users have access to online doctor consultations, wellness, preventive care services, fitness and hospitalization offered by its pan-India network of healthcare providers with its unparalleled reach.

It also provides its customers hassle-free, end-to-end surgery care through a Care Buddy, right from connecting them to the right surgeon to post-operative recovery care. MediBuddy’s surgery care provides specialized treatment in several other departments like Proctology, Ophthalmology, Vascular, ENT, Orthopaedics, Urology, Gynaecology, and more. With full-stack Surgery Care management services, MediBuddy assures customers an array of solutions for every medical, financing, insurance, and recovery need of its customers undergoing surgery. 

The digital healthcare platform has a partner network of 90,000+ doctors, 7,100+ hospitals and clinics, 4,000+ diagnostic centers, 2,500+ pharmacies along with a team size of 2200+ members. It has created an integrated healthcare ecosystem that offers patients seamless access anytime and anywhere. It has created an integrated healthcare ecosystem that offers patients seamless access anytime and anywhere in 10 minutes. With its healthcare services available in 16 Indian languages to enable customer-friendly consultation, MediBuddy is bridging the Urban-Rural quality healthcare divide. MediBuddy offers online and offline doctor consultations, medicine delivery, lab tests at home, mental health consultations, surgery care, among other healthcare services.

MediBuddy has catered to the healthcare needs of 3Cr Indians & attends to the needs of over 35,000 Indians daily across the length and breadth of the country. The app connects patients to experienced and verified doctors for online consultations across 22+ specialities such as Dermatology, Paediatrics, Gynaecology and more, instantly via chat, video, or voice call.  MediBuddy is the pioneer in providing a healthcare subscription plan under the name of MediBuddy Gold, covering unlimited specialist doctor consultations for the user and the family. 

MediBuddy is also the largest provider of employee health and wellness benefit services, catering to 700+ companies across India and in turn helping 50 Lakh employees including their family members with high-quality healthcare services. MediBuddy provides services that cover health expenses across Out-patient services(OPD) and hospitalisation in collaboration with insurance companies. 

MediBuddy is led by co-founders Mr. Satish Kannan & Mr. Enbasekar, as CEO & CTO, respectively.

The platform has so far raised over $170 million from Quadria Capital, Lightrock India, India Life Sciences Fund III LLC, Bessemer Venture Partners, Rebright Partners, TechMatrix Corporation, DeNA networks, Milliways Fund LLC, Mitsui Sumitomo (MSIVC), TEAMFund LP, JAFCO Asia Fund, FinSight Ventures, ALES Global Japan, Beyond Next Ventures, Makita corporation, InnoVen Capital, Stride Ventures and Alteria Capital.

MediBuddy’s pioneering work has been widely recognised by many leading entities:

• MediBuddy - Best Brand 2021 in Healthcare by ET Edge

• MediBuddy - Best Brand 2020 in Healthcare by ET Edge

• MediBuddy - Best Health & Wellness Solution by ET- Intelligent Health & Tech Awards 2020

• MediBuddy also bagged Marketing Campaign of the Year - #AapkaHealthBuddy & Award for Best Marketing Excellence in Health & Wellness Sector at National Awards for Marketing Excellence

• The “Industry Achievement Award 2019” by Hurun Report.

• The digital healthcare platform also bagged 3 coveted awards- Best Healthcare Entrepreneur of the Year, Best Marketing Campaign, Best healthcare start-up of the year at Healthcare Leadership Awards presented by ABP News in the year 2019

• Best healthcare startup company of the year, Best use of social media & Digital marketing in Healthcare, Best Marketing Campaign - #BaatTohKaro (DocsApp) & Best Healthcare Entrepreneur of the year- Satish Kannan at National Healthcare Leadership Congress Awards presented by Zee Business in the year 2019. 

• The ‘App of the Year 2017’ in the medical category by Amazon in association with Facebook.

Job Summary:

As an Information and Security Compliance Engineer 2, you will take a lead role in overseeing and implementing information security compliance initiatives within our organization. Working closely with various teams, you will ensure the adherence to industry standards, regulations, and internal policies related to information security. 

You will be responsible for conducting comprehensive compliance assessments, developing robust security policies, and driving the organization's efforts to maintain a strong security posture. The ideal candidate should possess a solid understanding of information security principles, compliance frameworks, and excellent communication skills to collaborate with stakeholders effectively.

Responsibilities:

1. Lead the development, implementation, and maintenance of information security compliance programs, policies, and procedures to align with industry standards and regulatory requirements.

2. Conduct thorough security compliance assessments, risk assessments, and audits to identify vulnerabilities, weaknesses, and potential security risks across the organization's infrastructure, applications, and systems.

3. Collaborate with IT and security teams to ensure that security controls are effectively designed, implemented, and monitored to maintain compliance with relevant information security standards and regulations.

4. Monitor and evaluate the organization's security practices and controls, providing recommendations and driving remediation efforts to address identified vulnerabilities and compliance gaps.

5. Stay informed about evolving information security laws, regulations, and best practices to ensure the organization's practices remain up-to-date and aligned with emerging requirements.

6. Assist in responding to external audits and assessments, providing necessary evidence and documentation to demonstrate compliance with applicable information security standards.

7. Develop and deliver comprehensive security training and awareness programs to enhance the organization's security culture and ensure compliance with security policies.

8. Collaborate with legal and compliance teams to ensure that information security practices and policies are in compliance with applicable data privacy and protection laws.

9. Act as a subject matter expert on information security compliance matters, providing guidance and support to internal teams and stakeholders.

10. Participate in incident response activities, helping to investigate and address security incidents, and contributing to lessons learned and incident response improvement efforts.

Qualifications:

1. Bachelor's degree in Computer Science, Information Technology, or a related field. Relevant certifications such as CISSP, CISA, CISM, or ISO 27001 Lead Auditor are desirable.

2. Minimum of 4-6 years of experience in information security, compliance, or related fields, with a focus on implementing and managing security controls and compliance initiatives.

3. In-depth knowledge of information security principles, compliance frameworks (e.g., ISO 27001, NIST, GDPR), and best practices.

4. Experience in conducting security compliance assessments, risk assessments, and audits.

5. Familiarity with security controls for network infrastructure, systems, and applications.

6. Strong understanding of data privacy and protection laws and their impact on information security practices.

7. Excellent analytical and problem-solving skills, with a keen eye for detail.

8. Effective communication and interpersonal skills to collaborate with cross-functional teams and stakeholders.

9. Ability to work independently, manage multiple tasks, and prioritize effectively in a fast-paced environment.

10. Strong commitment to maintaining the highest standards of integrity and ethical conduct.