Security and Compliance Manager

About UsVisit Health is a pioneering health-tech platform, founded in 2016 by BITS Pilani alumni, dedicated to making healthcare accessible, affordable, and preventive. Originated as a telemedicine platform during the 2015 Swine Flu epidemic, Visit Health has grown into an all-in-one wellness ecosystem that connects doctors, insurers, and millions of families. Our services range from physical and mental wellness to OPD benefits, empowering both individuals and corporations to prioritize well-being.Our Core Offerings-Employee Assistance Program (EAP):Mental health support services for a balanced work-life experience. -Personalized Health Plans:Tailored wellness programs with fitness, meditation, and nutritional guidance. -Health Check-ups & Screenings:Preventive check-ups and vaccinations for proactive health management. -Comprehensive Wellness Programs:Designed to boost morale, productivity, and holistic employee health. -Preventive & OPD Care:Seamless primary care and OPD services, reducing out-of-pocket expenses through cashless OPD benefits.Founding TeamThe founding team — Chetan Anand, Anurag Prasad, Vaibhav Singh, and Shashvat Tripathi — established Visit Health to bridge the healthcare gap in India. Driven by their experiences with limited healthcare access in Pilani, they have built Visit Health into a platform that advocates quality, accessible healthcare for everyone.What Sets Us Apart- Comprehensive & Flexible OPD Benefits:Visit offers unlimited access packages for employees and dependents, covering mental health, nutrition, diagnostics, and doctor consultations. -Integrated Platform:Combining primary and secondary care, our platform connects corporates, insurers, and retailers, making healthcare seamless and holistic. -Engagement & Gamification:AI-driven insights, step challenges, and rewards (FitCoins) drive high engagement and builds lasting healthy habits. -24/7 Accessibility:Accessible health support anytime, designed to address India’s diverse healthcare needs.Key Milestones & Achievements-Expanding Primary Care Access:Serving over 5 million users with 1.5 million annual health checkups, 500,000 doctor consultations, and 200,000 pharmacy orders. -Strategic Partnerships:Collaborations with leading insurers and doctors, reaching 2,500 major corporations and MSMEs. -Technological Innovation:Introduced India’s first cashless OPD insurance program in partnership with Apollo Munich, with a network of over 35,000 doctors. -Awards & Recognition:Honored in Forbes 30 Under 30 Asia (2020) and BITSAA Global 30 Under 30 (2022). -Funding Success:Secured over $40 million in investments to drive growth and service expansion.Future VisionVisit Health aims to further strengthen India’s primary care infrastructure, expand its corporate and insurer partnerships, and introduce advanced health tech solutions. With a focus on universal health coverage, we’re committed to making healthcare accessible for all employees and their families, supporting them in leading healthier lives.Visit Health — Empowering workplaces with accessible, affordable, and impactful healthcare.Job Summary:We are looking for aSecurity and Compliance Managerto oversee and enhance our security frameworks, regulatory compliance, and risk management initiatives. The ideal candidate will ensure adherence to industry regulations, implement security best practices, and lead audits to maintain compliance with international standards.Key Responsibilities:Security Governance & Risk Management: Develop and implement security policies, standards, and guidelines. Conduct risk assessments and security audits to identify vulnerabilities and mitigate risks. Collaborate with IT and legal teams to ensure secure infrastructure and data protection. Monitor emerging security threats and recommend appropriate countermeasures.Regulatory Compliance & Audits: Ensure compliance with industry regulations such asISO 27001, HIPAA, GDPR, SOC 2, PCI-DSS, NIST, and others . Lead internal and external security audits, managing relationships with auditors and regulators. Develop compliance reports and maintain documentation for audits and assessments. Educate internal teams on compliance requirements and security best practices.Data Protection & Privacy: Implement and maintain data protection policies to safeguard sensitive information. Work with legal and IT teams to ensure compliance with global privacy laws (e.g., GDPR, CCPA). Conduct Data Protection Impact Assessments (DPIAs) and oversee incident response plans.Incident Management & Response: Develop and maintainincident response plans and security monitoringmechanisms. Lead investigations into security incidents, breaches, and compliance violations. Coordinate with cybersecurity teams to implement security controls and remediation strategies.Training & Awareness: Conduct security awareness training for employees to promote a security-first culture. Stay updated on new regulations and industry trends to proactively adapt policies.