The Lead GRC Cybersecurity professional will own and drive governance, risk, and compliance programs across Freshworks. This role partners closely with engineering, cloud operations, product, legal, and business teams to ensure regulatory, customer, and certification requirements are met at scale. The role also serves as a primary interface with external auditors and internal stakeholders while strengthening security assurance across cloud, Kubernetes, and AI-driven systems.
Roles & Responsibilities
Governance and Compliance
- Lead and manage compliance programs for ISO 27001, SOC, PCI DSS, and Cyber Essentials
- Own the end-to-end audit lifecycle, including planning, evidence readiness, walkthroughs, and closure
- Interpret control requirements and translate them into practical, scalable processes
- Maintain compliance documentation, policies, risk registers, and control narratives
Audit and Stakeholder Management
- Act as the primary point of contact for external auditors and certification bodies
- Coordinate cross-functional teams for timely evidence collection and validation
- Provide clear, concise, and executive-ready compliance reports and dashboards
- Drive continuous improvement based on audit findings and risk assessments
Risk Management
- Identify, assess, and track cybersecurity and technology risks across cloud and product environments
- Facilitate risk reviews with business and technical leadership
- Ensure risk treatment plans are practical, tracked, and aligned with business priorities
Cloud Platform and AI Security
- Demonstrate strong understanding of cloud concepts and shared responsibility models
- Work closely with engineering teams on security controls for cloud and Kubernetes environments
- Understand AI security fundamentals, including LLM architectures, data risks, prompt injection, and model misuse
- Support governance and risk frameworks for AI-enabled features and platforms
Communication and Leadership
- Enable strong interdepartmental collaboration across security, engineering, legal, IT, and compliance
- Mentor and guide junior GRC team members
- Represent the GRC function with confidence to senior leadership and customers
Qualifications:
- 8 to 15 years of experience in cybersecurity GRC roles
- Strong experience in report writing and executive-level communication
- Proven experience interfacing with auditors and regulators
- Hands-on experience managing ISO 27001, SOC 2, and PCI audits
- Strong understanding of cloud security principles and Kubernetes environments
- Working knowledge of AI security concepts, LLM risks, and governance considerations
- Ability to drive evidence collection across distributed and global teams
Preferred Qualifications
- Prior experience in SaaS or cloud-native organizations
- Certifications such as CISA, ISO 27001 Lead Implementer or Auditor, CISSP, or CISM
Additional Information:
What Success Looks Like in This Role
- Proactively own and manage certification cycles
- Strong audit readiness culture across engineering and business teams
- Clear visibility of risk posture for leadership
- Scalable and future-ready GRC programs aligned with cloud and AI adoption
At Freshworks, we have fostered an environment that enables everyone to find their true potential, purpose, and passion, welcoming colleagues of all backgrounds, genders, sexual orientations, religions, and ethnicities. We are committed to providing equal opportunity and believe that diversity in the workplace creates a more vibrant, richer environment that boosts the goals of our employees, communities, and business. Fresh vision. Real impact. Come build it with us.
Remote Work: No
Employment Type: Full-time