Job Description The Risk & Compliance team is responsible for evaluating security and compliance risks within the organization. They set up security benchmarks, verify adherence to these standards across all internal sectors, and promote a culture of information security throughout the company. As a Senior Advisor in our Cybersecurity Risk and Compliance team, you'll play a pivotal role in fortifying our security measures, leveraging your expertise in various technologies and frameworks. This position demands a proactive approach to security, automation, and strategic collaboration with diverse stakeholders to elevate our security standards. Role Expectation 4-6 years of experience in the Information Security field, including proficiency in conducting technical risk assessments, establishing security standards, and overseeing information security processes. Conduct comprehensive risk assessments, including vulnerability analysis, threat modeling, and compliance evaluations. Develop and implement mitigation strategies to address identified risks. Utilize advanced technical knowledge to identify, analyze, and mitigate cybersecurity risks, focusing on both existing and emerging threats. Demonstrate a deep understanding of the authentication and authorization protocols such as SAML, OAuth, and Open ID Connect, utilizing this knowledge to enhance our security frameworks. Showcase a robust understanding of cloud services and related technologies, contributing to a secure cloud environment. Develop and implement strategies to automate security testing procedures, enhancing efficiency and precision in security assessments. Contribute to the development and maintenance of security policies, standards, and best practices, ensuring they are up-to-date and relevant to the evolving threat landscape. Develop and deliver cybersecurity training andawareness programs to educate employees on security best practices and compliance. Qualifications Good familiarity with risk assessment methodologies and tools. Excellent understanding of regulatory compliance requirements relevant to the industry or organization. Strong analytical & technical skills to assess and evaluate risks, vulnerabilities, and compliance gaps within the organization. Practical experience or a solid conceptual understanding of the AWS cloud platform to define controls for cloud environments and recommend best practices. Good knowledge of security frameworks such as SOC 1 / SOC 2, NIST Cyber Security, PCI DSS, and HIPAA. Security certifications like CISA, CISSP, CRISC, and cloud security certifications will be highly desired. Good project management experience to work with cross-functional stakeholders and collaborate to drive information security projects on time. Excellent verbal and written communication skills to communicate concisely and unambiguously. Desire to continuously seek and update technical skills around information security in cloud computing as required for the job. Be proactive and take ownership of the role in contributing to maintaining high standards of information security. Self-sufficient and able to work with little direct supervision. Be a go-getter and thrive for success. Additional Information At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.
