Lead - Cybersecurity Risk & Compliance

Company Description

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.

There’s another option. Freshworks. With a fresh vision for how the world works.

At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.

Fresh vision. Real impact. Come build it with us.

Job Description

The Cybersecurity Risk & Compliance function is responsible for evaluating security and compliance risks within the organization. They set up security benchmarks, verify adherence to these standards across all internal sectors, and promote a culture of information security throughout the company.

As a Lead in our Cybersecurity Risk and Compliance team, you'll play a pivotal role in fortifying our security measures, leveraging your expertise in various technologies and frameworks. This position demands a proactive approach to risk management, security, automation, and strategic collaboration with diverse stakeholders to elevate our security standards.

Role Expectation

• Drive the day-to-day activities about policy governance, control governance, risk, and compliance initiatives.

• Enumerate cyber security and compliance risks and ensure they are managed appropriately across the products and business functions; Ensure the Product/ Functional team takes prudent risk ownership through active partnership and collaboration.

• Design and oversee the enforcement of policies and procedures based on industry-standard best practices.

• Provide contextual guidance to various internal teams in terms of processes and controls to improve the information security and compliance posture.

• Certify the readiness of the identified security frameworks and certifications by identifying & operationalizing the control requirements.

• Responsible for reviewing and reporting the operating effectiveness of the controls and risk/loss exposure.

• Drive continuous monitoring initiatives for the developed controls and develop reporting metrics, dashboards, and evidence artifacts periodically to be presented to the Leadership.

• Drive security awareness program throughout the year to effectively motivate desired behaviors & conduct regular training on security policy and standard requirements through training, communication, and workshops.

• Be a role model for the team and provide a healthy platform for the team to learn and grow.

• Stay abreast of the developing regulatory concerns and changing information security trends

Qualifications

• 8-10 years of experience in the Risk & Compliance space, viz. Risk enumeration, defining security standards, and managing information security processes.

• Work experience or conceptual understanding of the AWS cloud platform to define controls for the cloud environment and suggest best practices.

• Working experience or conceptual understanding of the FAIR methodology risk assessments or Quantified risk assessments.

• Have a deep understanding of security control frameworks such as ISO27001, PCI DSS, HIPAA, SOC 1/2, NIST Cyber Security Framework, NIST800-171, and the Cloud Compliance Framework.

• Security certifications like CISA, CISSP, CRISC, and cloud security certifications will be highly desired.

• Ability to gather, analyze, and evaluate facts and to prepare and present concise, detailed, and clear oral and written reports.

• Ability to build relationships, influence others, instill accountability, and achieve results.

• Ability to thrive in a dynamic, fast-paced environment taking up multiple responsibilities.

• Excellent problem-solving, interpersonal, and communication skills.

• Be a team player and a go-getter and thrive for success.

Additional Information

At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.