Senior SOC Analyst

Organizations everywhere struggle under the crushing costs and complexities of “solutions” that promise to simplify their lives. To create a better experience for their customers and employees. To help them grow. Software is a choice that can make or break a business. Create better or worse experiences. Propel or throttle growth. Business software has become a blocker instead of ways to get work done.

There’s another option. Freshworks. With a fresh vision for how the world works.

At Freshworks, we build uncomplicated service software that delivers exceptional customer and employee experiences. Our enterprise-grade solutions are powerful, yet easy to use, and quick to deliver results. Our people-first approach to AI eliminates friction, making employees more effective and organizations more productive. Over 72,000 companies, including Bridgestone, New Balance, Nucor, S&P Global, and Sony Music, trust Freshworks’ customer experience (CX) and employee experience (EX) software to fuel customer loyalty and service efficiency. And, over 4,500 Freshworks employees make this possible, all around the world.

Fresh vision. Real impact. Come build it with us.

We are looking for a Cloud Threat Detection & Response Engineer to help protect our cloud environments and workloads. This role focuses on identifying and responding to security threats in AWS (especially EC2), containers, CI/CD pipelines, and endpoint detection & response (EDR) tools. You will work closely with Security, Cloud, and DevOps teams to improve our detection capabilities and respond to incidents quickly and effectively.

🛠️ Key Responsibilities

● Monitor cloud environments and EDR tools for suspicious activity.

● Build and maintain threat detection rules for EC2, containers, and CI/CD pipelines.

● Investigate alerts and lead incident response for cloud and endpoint threats.

● Analyse attacker behaviour and help improve our security monitoring.

● Collaborate with DevOps and Cloud teams to ensure strong visibility and logging across workloads.

● Provide clear reports and recommendations after incidents.

Qualifications

Required Qualifications

● 4+ years in security operations, cloud security, or incident response.

● Experience with AWS (EC2, CloudTrail), containers (Docker/Kubernetes), CI/CD pipelines, and EDR platforms.

● Strong understanding of Linux systems and common attack techniques.

● Hands-on experience with SIEM tools or cloud-native monitoring systems.

Preferred Qualifications

● Experience with runtime/container security tools (e.g., Falco, eBPF-based tools).

● Scripting skills (Python, Bash, or Go).

● Relevant certifications (AWS Security, GIAC, etc.

Additional Information

Fresh vision. Real impact. Come build it with us.