Lead - Cloud Security Engineer

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.

There’s another option. Freshworks. With a fresh vision for how the world works.

At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.

Fresh vision. Real impact. Come build it with us.

In Freshworks, as a Lead Cloud Security Engineer, you will play a role in ensuring the security and compliance of our cloud infrastructure. In this role, you’ll be at the forefront of securing our cutting-edge cloud infrastructure, implementing advanced security strategies, and driving proactive security measures. 

Responsibilities:

• Support cross-team security initiatives of internal teams and consult with teams on security in design

• Engineer and tune the cloud security solutions including but not limited to enrollments, monitoring, alerting and maintaining defined security posture.

• Designing a secure application-release automation process to make security an integral part of the CI/CD pipelines and Integrate security tools for issue tracking with Jira.

• Identifying security tools and leading operationalization of solutions from POC to Production.

• Implementing automation to investigation and response workflows for Automated Incident Response.

• Reduce time-to-detect and time-to-remediate by driving the automation of applied threat intelligence and sensor enrichment.

• Work with Architecture teams to Implement an identity management ecosystem holistically and create a secure infrastructure, Enforce compliance with IAM principals including least privilege access, password management, Audit logging, RBAC, deploy and maintain password management, user account lifecycle, certificate management and system authentication solutions

• Improve Web App Firewalls (WAF/DDoS), Ensure early Identification of intrusion & attacks and implement countermeasures

• Implement security measures that monitor and protect sensitive data and systems from infiltration and cyber-attacks.

• Develop innovative security controls to protect assets across a complex environment

• Implement security orchestration and automation in support of security operations.

• Act as a first-responder for security-related incidents.

• At least 5-8 years of total experience in Cyber security including Incident response, Engineering, Cloud architectures, Tuning etc.

• At least 3+ years of experience and hands-on expertise in SIEM, WAF/DDOS, Cloud Security and/or Opensource development.

• Experience in Kubernetes and containerized environments.

• Must have proficiency with scripting languages (Batch scripting, Python and Ansible).

• Must have experience in Monitoring and improving DevSecOps tools and processes, automate routine tasks, improve system reliability and should be from a strong information security background.

• Must have hands- on experience with Linux/Unix systems.

• Experience in developing and reviewing hardening guidelines for various Linux Operating systems in line with the industry best practices.

• Understanding of security frameworks and standards like OWASP & NIST, Solid understanding of security protocols, cryptography, authentication, authorization

• Good understanding of Linux, TCP/IP protocol stack and networking fundamentals, security principles at all layers of the OSI stack

• Should have broad technical foundation and be able to understand network, operating system, database and application development design and support as necessary to be able to analyse issues and recommend solutions for the detection, remediation and prevention of security vulnerabilities.

• Experience in designing and reviewing security controls for Public cloud based deployments.

• Experience of implementing any cloud based SIEM Tools will be an advantage.

• Experience with PKI, SSL, SSH, HTTPS etc

• Hands on knowledge of Automation skills, Dev-Ops skills etc.

At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.