Senior Analyst - Cybersecurity Audit & Assurance

Freshworks makes it fast and easy for businesses to delight their customers and employees. We do this by taking a fresh approach to building and delivering software that is affordable, quick to implement, and designed for the end user. Headquartered in San Mateo, California, Freshworks has a global team operating from 13 global locations to serve more than 65,000 companies -- from startups to public companies – that rely on Freshworks software-as-a-service to enable a better customer experience (CRM, CX) and employee experience (ITSM). 

Freshworks’ cloud-based software suite includes Freshdesk (omni-channel customer support), Freshsales (sales automation), Freshmarketer (marketing automation), Freshservice (IT service desk), Freshchat (AI-powered bots), supported by Neo, our underlying platform of shared services.

Freshworks is featured in global national press including CNBC, Forbes, Fortune, Bloomberg and has been a BuiltIn Best Place to work in San Francisco and Denver for the last 3 years. Our customer ratings have earned Freshworks products TrustRadius Top Rated Software ratings and G2 Best of Awards for Best Feature Set, Best Value for the Price and Best Relationship.

The Audit & Assurance team plays a vital role in maintaining compliance with crucial frameworks and internal controls across our organization's diverse domains, in addition to partnering with external auditors to facilitate effective audit management and attestations.We are looking for a highly skilled and motivated professional to join our Audit and Assurance team. As a member of this team, you will have the opportunity to monitor, maintain, and measure compliance with internal controls, regulatory requirements, certifications, and industry standards. Additionally, you will collaborate closely with our technology functions to identify areas for improvement and support initiatives aimed at enhancing cybersecurity within our organization.

• Facilitating both internal and external audits while adhering to the annual audit plan.
• Collaborating with relevant stakeholders to gather necessary information for conducting audit tasks.
• Gaining a comprehensive understanding of business processes and collaborating with business representatives to ensure compliance with Cybersecurity requirements (ISO27001, PCI DSS, HIPAA, SOC, NIST, and the Cloud Security Alliance (CSA) Framework) and other regulatory requirements.
• Managing and/or conducting test procedures, documenting and communicating audit findings, and compiling remediation plans and work papers for internal assessments.
• Executing control testing and deriving metrics to validate the operational effectiveness of the control framework.
• Assisting external auditors and service providers in the completion of audit and consulting projects.
• Maintaining close communication with stakeholders, sharing audit results, and monitoring issue remediation for timely resolution.
• Perform data analysis to provide significant inferences and identify key risk areas.

• 5- 7 years of experience in Cybersecurity audits (internal/external) with a specific focus on technical control testing.
• Exhibit a deep understanding of security control frameworks, including ISO27001, PCI DSS, HIPAA, SOC 1/2, NIST Cyber Security Framework, NIST800-171, and the Cloud Compliance Framework.
• Showcase practical experience or conceptual knowledge of auditing controls within the AWS cloud platform, with the ability to recommend best practices for the cloud environment.
• Showcase expertise in process documentation, the development of Risk Control Matrices (RCMs), report writing, root cause analysis, and remediation, with the capability to provide mentorship to fellow team members.
• Experience in designing and assessing processes/ controls and driving improvements.
• Exhibit excellent interpersonal skills, facilitating effective interactions across all company functions
• Ability to gather, analyze, and evaluate facts and to prepare and present concise, detailed, and clear oral and written reports.
• Ability to provide creative recommendations for minimization of business risks and improving business processes, a sense of urgency, and an ability to defend conclusions.
• Work experience or conceptual understanding of the AWS cloud platform to audit controls for the cloud environment.

At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.