Lead - Cybersecurity Risk & Compliance

Company Description

Freshworks makes it fast and easy for businesses to delight their customers and employees. We do this by taking a fresh approach to building and delivering software that is affordable, quick to implement, and designed for the end user. Headquartered in San Mateo, California, Freshworks has a global team operating from 13 global locations to serve more than 65,000 companies -- from startups to public companies – that rely on Freshworks software-as-a-service to enable a better customer experience (CRM, CX) and employee experience (ITSM). 

Freshworks’ cloud-based software suite includes Freshdesk (omni-channel customer support), Freshsales (sales automation), Freshmarketer (marketing automation), Freshservice (IT service desk), Freshchat (AI-powered bots), supported by Neo, our underlying platform of shared services.

Freshworks is featured in global national press including CNBC, Forbes, Fortune, Bloomberg and has been a BuiltIn Best Place to work in San Francisco and Denver for the last 3 years. Our customer ratings have earned Freshworks products TrustRadius Top Rated Software ratings and G2 Best of Awards for Best Feature Set, Best Value for the Price and Best Relationship.

Job Description

The Cybersecurity Risk & Compliance function is responsible for evaluating security and compliance risks within the organization. They set up security benchmarks, verify adherence to these standards across all internal sectors, and promote a culture of information security throughout the company.

As a Lead in our Cybersecurity Risk and Compliance team, you'll play a pivotal role in fortifying our security measures, leveraging your expertise in various technologies and frameworks. This position demands a proactive approach to risk management, security, automation, and strategic collaboration with diverse stakeholders to elevate our security standards.

Role Expectation

• Drive the day-to-day activities about policy governance, control governance, risk, and compliance initiatives.

• Enumerate cyber security and compliance risks and ensure they are managed appropriately across the products and business functions; Ensure the Product/ Functional team takes prudent risk ownership through active partnership and collaboration.

• Design and oversee the enforcement of policies and procedures based on industry-standard best practices.

• Provide contextual guidance to various internal teams in terms of processes and controls to improve the information security and compliance posture.

• Certify the readiness of the identified security frameworks and certifications by identifying & operationalizing the control requirements.

• Responsible for reviewing and reporting the operating effectiveness of the controls and risk/loss exposure.

• Drive continuous monitoring initiatives for the developed controls and develop reporting metrics, dashboards, and evidence artifacts periodically to be presented to the Leadership.

• Drive security awareness program throughout the year to effectively motivate desired behaviors & conduct regular training on security policy and standard requirements through training, communication, and workshops.

• Be a role model for the team and provide a healthy platform for the team to learn and grow.

• Stay abreast of the developing regulatory concerns and changing information security trends

Qualifications

• 8-10 years of experience in the Risk & Compliance space, viz. Risk enumeration, defining security standards, and managing information security processes.

• Work experience or conceptual understanding of the AWS cloud platform to define controls for the cloud environment and suggest best practices.

• Working experience or conceptual understanding of the FAIR methodology risk assessments or Quantified risk assessments.

• Have a deep understanding of security control frameworks such as ISO27001, PCI DSS, HIPAA, SOC 1/2, NIST Cyber Security Framework, NIST800-171, and the Cloud Compliance Framework.

• Security certifications like CISA, CISSP, CRISC, and cloud security certifications will be highly desired.

• Ability to gather, analyze, and evaluate facts and to prepare and present concise, detailed, and clear oral and written reports.

• Ability to build relationships, influence others, instill accountability, and achieve results.

• Ability to thrive in a dynamic, fast-paced environment taking up multiple responsibilities.

• Excellent problem-solving, interpersonal, and communication skills.

• Be a team player and a go-getter and thrive for success.

Additional Information

At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.