Why This Job is Featured on The SaaS Jobs
This role is featured because modern SaaS vendors increasingly ship security decisions as part of the product, not just as internal governance. A Lead for Cybersecurity Risk and Compliance at an established SaaS provider like Freshworks sits at the intersection of cloud controls, customer assurance, and evolving regulation, with explicit scope that includes AI governance. That combination reflects where the SaaS ecosystem is headed as GenAI features and third-party AI services become embedded in core workflows.
From a SaaS career perspective, the remit builds durable expertise in translating frameworks into operational controls and evidence that enterprise buyers expect. Exposure to SOC- and ISO-style readiness, quantified risk approaches, and AWS-aligned control design maps well to how SaaS companies scale trust across multiple products and functions. The added emphasis on AI risk domains also positions this experience to remain relevant as new standards and regulations mature.
The role tends to suit professionals who like structured problem solving, cross-functional influence, and turning ambiguous requirements into repeatable processes and metrics. It is a strong match for someone ready to lead governance programs while staying close to technical realities in cloud and AI-enabled software delivery.
The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.
Job Description
Company Description
Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of a way to get work done.
There’s another option. Freshworks. With a fresh vision for how the world works.
At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.
Fresh vision. Real impact. Come build it with us.
Job Description
The Cybersecurity Risk & Compliance function is responsible for evaluating security and compliance risks within the organization. They set up security benchmarks, verify adherence to these standards across all internal sectors, and promote a culture of information security throughout the company.
As a member of our Cybersecurity Risk and Compliance team, you'll play a pivotal role in fortifying our security measures, leveraging your expertise in various technologies, regulatory frameworks, and emerging domains such as Artificial Intelligence (AI). This position demands a proactive approach to risk management, security, automation, AI governance, and strategic collaboration with diverse stakeholders to elevate our security standards.
Role Expectation
- Drive the day-to-day activities for policy governance, control governance, risk, and compliance initiatives, including emerging AI governance and responsible AI adoption initiatives.
- Enumerate cyber security and compliance risks and ensure they are managed appropriately across the products and business functions, including risks arising from AI/ML systems, GenAI integrations, third-party AI services, and agentic workflows. Ensure the Product/Functional team takes prudent risk ownership through active partnership and collaboration.
- Design and oversee the enforcement of policies and procedures based on industry-standard best practices, including AI governance policies covering model lifecycle management, AI data handling, and secure AI deployment practices.
- Provide contextual guidance to various internal teams in terms of processes and controls to improve the information security, AI governance, and compliance posture of the organization.
- Certify the readiness of the identified security frameworks and certifications by identifying & operationalizing the control requirements — including AI-related frameworks such as ISO 42001, NIST AI RMF, and applicable AI regulatory requirements (e.g., EU AI Act where relevant).
- Review and report on the operating effectiveness of the controls and risk/loss exposure, including controls governing AI model security, data privacy in AI systems, prompt injection safeguards, and third-party AI usage.
- Drive continuous monitoring initiatives for the developed controls and develop reporting metrics, dashboards, and evidence artifacts periodically to be presented to the Leadership — including metrics related to AI risk posture and governance maturity.
- Drive the security awareness program throughout the year to effectively motivate desired behaviors, and conduct regular training on security policy and standard requirements through training, communication, and workshops, including responsible and secure use of AI tools across the organization.
- Be a role model for the team and provide a healthy platform for the team to learn and grow, including building awareness on emerging AI security and governance trends.
- Stay abreast of the developing regulatory concerns and changing information security trends, including evolving global AI governance and compliance requirements.
Qualifications
- 5–10 years of experience in the Risk & Compliance space, viz. risk enumeration, defining security standards, and managing information security processes. Exposure to AI governance, model risk management, or AI security risk assessments is highly desirable.
- Work experience or conceptual understanding of the AWS cloud platform to define controls for the cloud environment and suggest best practices, including controls for AI/ML workloads hosted in cloud environments.
- Working experience or conceptual understanding of FAIR methodology risk assessments or Quantified risk assessments, including application to AI-related risks.
- Have a deep understanding of security control frameworks such as ISO 27001, PCI DSS, HIPAA, SOC 1/2, NIST Cyber Security Framework, NIST 800-171, and the Cloud Compliance Framework. Familiarity with AI governance frameworks such as ISO 42001 and NIST AI RMF is an added advantage.
- Understanding of AI/ML risk domains such as data leakage in training or inference, prompt injection and model misuse, AI output reliability and hallucination risks, bias and fairness considerations, and third-party AI and SaaS AI integrations.
- Security certifications like CISA, CISSP, CRISC, and cloud security certifications will be highly desired. AI governance or AI risk-related certifications are a plus.
- Ability to gather, analyze, and evaluate facts and to prepare and present concise, detailed, and clear oral and written reports, including emerging AI risk themes.
- Ability to build relationships, influence others, instill accountability, and achieve results.
- Ability to thrive in a dynamic, fast-paced environment taking up multiple responsibilities, including rapidly evolving AI governance requirements.
- Excellent problem-solving, interpersonal, and communication skills.
- Be a team player and a go-getter and strive for success.
Additional Information
At Freshworks, we have fostered an environment that enables everyone to find their true potential, purpose, and passion, welcoming colleagues of all backgrounds, genders, sexual orientations, religions, and ethnicities. We are committed to providing equal opportunity and believe that diversity in the workplace creates a more vibrant, richer environment that boosts the goals of our employees, communities, and business. Fresh vision. Real impact. Come build it with us.