See yourself at Twilio

Join the team as our next Security Assurance Analyst

Who we are & why we’re hiring

Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.

Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a globally anti-racist, anti-oppressive, anti-bias company that actively opposes racism and all forms of oppression and bias. At Twilio, we support diversity, equity & inclusion wherever we do business. We employ thousands of Twilions worldwide, and we're looking for more builders, creators, and visionaries to help fuel our growth momentum.

About the job

The Security Assurance Analyst will be a key member of the Security Assurance program at Twilio, focused on maturing our Security and Compliance posture through consulting, gap assessments, and certification activities. They will work closely with Product Verticals such as Healthcare to ensure products are compliant with regulations and industry standard methodologies (e.g. HIPAA, HITRUST, FedRAMP, SOC2, ISO 27001).

Responsibilities

In this role, you’ll:

• Work effectively with numerous multi-functional stakeholders across the company (Sales, Engineering, Product, Legal, Finance, IT, HR, etc.) to drive improvements in control and process design, testing, remediation, continuous monitoring, project management and documentation
• Evaluate technology solutions and identify security gaps against security baselines and compliance requirements, partnering with multi-functional teams precisely rate risk in the business context, recommend remediation activities and timelines, and advance issues as needed for visibility
• Improve the internal processes of the teams to promote consistent evaluations, automation, and reporting of metrics.

Qualifications 

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• 5+ years of Compliance, Assurance, and / or Risk Management experience, working with security-centric risk management or compliance frameworks such as HIPAA, HITRUST, FedRAMP, ISO/IEC 27001, PCI DSS, NIST CSF, NIST 800-53 and / or IRAP.
• 2+ years of project management experience in security or another technical field, including defining overall project scope, tracking project performance, communicating project status to management.
• Past experience in HIPAA or HITRUST compliance implementation or gap assessment / audit.
• Ability to work in a dynamic, fast-paced environment that requires constant prioritization
• Demonstrate strong verbal and written communication skills, and ability to translate sophisticated technical or security requirements or risks into business language that can be understood by various audiences.
• Ability to think critically and solve problems, create effective solution solutions.
• Experiencing using or creating metrics to effectively tell a compliance or security “story”, including the use of various formats and visuals.

Desired:

• Experience and familiarity with cloud security techniques and working with public cloud solutions including but not limited to AWS and GCP.
• Experience and familiarity with securing code deployment pipelines and Infrastructure as Code (IaC).
• CISA, CISM, GIAC, CISSP or other Information Security related certification is highly preferred.

Location:

This role will be remote based in the United States of America. 

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to ignite your full potential, do your best work, and be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.

*Please note this role is open to candidates outside of Colorado as well. The information below is provided for those hired in Colorado only.

*If you are a Colorado applicant:

• The estimated pay range for this role, based in Colorado, is $132,320 - $181,940.
• Non-Sales: Additionally, this role is eligible to participate in Twilio's equity plan.

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state. This role is also eligible to participate in Twilio’s equity plan and for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave.