Lead - Cybersecurity Third-Party Risk Management
Freshworks
Company Description
Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.
There’s another option. Freshworks. With a fresh vision for how the world works.
At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.
Fresh vision. Real impact. Come build it with us.
Job Description
Freshworks is seeking a seasoned Third Party Risk Management (TPRM) professional to join our Cybersecurity GRC team. This is a senior individual contributor role responsible for designing and operating a robust, scalable TPRM programme that keeps pace with Freshworks' rapid growth and expanding regulatory obligations.
You will own the end-to-end vendor risk lifecycle from intake and assessment to ongoing monitoring and offboarding while contributing to audit readiness, SOX IT control testing, and cross-functional GRC initiatives. You will work closely with Procurement, Legal, Privacy, and Engineering to embed vendor risk thinking directly into how Freshworks buys and manages third-party relationships.
Key Responsibilities
Third-Party Risk Management
- Own and operate the full TPRM lifecycle: vendor intake, inherent risk tiering, due diligence assessments, remediation tracking, periodic re-assessments, and offboarding.
- Design, implement, and continuously improve TPRM controls, frameworks, and policies aligned to industry best practices (ISO 27001, NIST CSF, SOC 2, CIS).
Don't want to miss the next one?
Subscribe to daily email alerts for roles matching your interests.