Job Description
Purpose of the Role
In today’s world, any organisation or individual are constantly threatened by cyber attacks. This is proven
through a yearly rise in security incidents and data breaches.
We at Freshworks are committed to preventing such incidents and providing a secure environment for our
customers to run their businesses.
Freshworks is looking for a passionate and self-driven application security engineer who can work
independently and collaboratively to enable development teams to build secure products. You will be
pivotal in integrating and advancing security by working with Developers, Product Owners, Program
Managers, and Security Engineers.
As part of the security engineering team, you will advocate secure AI design principles, build frameworks
to automate AI security testing and conduct security assessments on LLMs/GenAI features to unearth
critical vulnerabilities. We also expect you to deliver pieces of training to development and QA teams.
Responsibilities
Security Assessments:
● Examine the products in detail to discover vulnerabilities and collaborate with the other security
engineers to practically demonstrate the exploitability and risk factors.
● Be on the forefront of emerging vulnerabilities/threats which could affect Freshworks products
through independent research and study. Engage with the developers in developing AI security
solutions and mitigation plans and ensure they are implemented per policy.
● Drive thematic security/privacy assessments on LLMs/GenAIs to discover and exploit unique
risks having a severe business impact.
Threat Modelling:
● Engage with the development teams to conduct secure design reviews/threat modelling
exercises to enumerate threats and mitigation strategies in the AI/ML services.
● Enable developers to gain knowledge of AI security best practices by conducting focused
workshops.
Secure Coding:
● Manage integration and automation of AI security checks in the DevOps pipeline.
● Build secure coding principles for AI/ML services and propagate them across the development
community.
● Be the go-to person for developers in solving critical issues relating to secure product
development.
Training:
● Deliver training programs at various levels in the organisations.
● Conduct workshops/security tech talks to disseminate security knowledge and awareness.
Lead Responsibilities
● Be a role model for the team and provide a healthy platform for the team to learn and grow.
● Collaborate and engage with the cyber security leadership team and provide inputs for decision
support.
● Play the role of solution architect in designing and implementing security engineering programs.
Basic Qualification
● Master or Bachelor of Engineering in Computer Science / Engineering, Masters in Computer
Science, Bachelor of Science in Computer Science.
● 7 to 10 years of application security experience; 4+ years of software development experience is
desirable.
● Prior experience in building and deploying ML systems Familiarity with Machine learning
algorithms
● Proficiency with database systems and schema design encompassing SQL and NoSQL
databases.
● Good knowledge of multiple vulnerability classes, including cross-site scripting, SQL Injection,
code injection,prompt injection, and Model Poisoning.
● Good knowledge of SAML / OAuth / Open ID Connect.
● Good knowledge of programming/scripting languages such as Java and Python.
● Good knowledge relating to services/technology relating to the cloud.
● Ability to automate security testing and improve productivity in security assessments.
● Good understanding and knowledge of web frameworks and architecture.
● Ability to communicate and interpret security vulnerabilities to various audiences, such as
development and management teams.
Advanced Qualification (Good to have, not a Must have)
● Experience in deploying ML projects in production systems with substantial individual
contributions
● Experience conducting security assessments in cloud platforms (SaaS, PaaS, IaaS).
● Published CVEs / research papers/articles about the security of the application layer and related
protocols.
At Freshworks, we are creating a global workplace that enables everyone to find their true potential, purpose, and passion irrespective of their background, gender, race, sexual orientation, religion and ethnicity. We are committed to providing equal opportunity for all and believe that diversity in the workplace creates a more vibrant, richer work environment that advances the goals of our employees, communities and the business.
