Business Unit Security Lead

Remote - US

Applications have closed

Twilio

Connect with customers on their preferred channels—anywhere in the world. Quickly integrate powerful communication APIs to start building solutions for SMS and WhatsApp messaging, voice, video, and email.


See yourself at Twilio

Join the team as our next Business Unit Security Lead

Who we are & why we’re hiring

Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.

Although we're headquartered in San Francisco, we have a presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a globally anti-racist, anti-oppressive, anti-bias company that actively opposes racism and all forms of oppression and bias. At Twilio, we support diversity, equity & inclusion wherever we do business. We employ thousands of Twilions worldwide, and we're looking for more builders, creators, and visionaries to help fuel our growth momentum.

About the job

Twilio is seeking a Business Unit Security Lead to support our R&D Business Unit for all of Twilio's communications products. The Business Unit Security Lead will be responsible for orchestrating and facilitating the information security strategy and program for the respective Twilio Business Unit (BU).

The Security Lead will partner with the BU R&D teams and related collaborators to improve the overall information security posture for their respective BU, help drive key enterprise security initiatives, facilitate progress and reporting metrics, and ensure that BU products and associated infrastructure align with the enterprise security program. The Security Lead will report directly to the Business Unit Information Security Officer (BISO) with additional accountability to the respective R&D Leaders.

Responsibilities

In this role, you’ll:

  • Engage directly with the BU R&D teams to understand, discuss, and advise on strategic priorities, concerns, and key security risks.
  • Help coordinate and prioritize the work and resources for implementing enterprise security initiatives, including directing the embedded security team members.
  • Be a trusted partner to the BU R&D teams and act in a consultative way to help the BU improve its security posture and adhere to enterprise security policies and expected controls.
  • Engage R&D teams at a technical level to ensure they have clear visibility and understanding of mitigation priorities and pathways.
  • Engage directly with the centralized security teams to align with the long-term enterprise security roadmap and proactively advance BU operational issues.
  • Champion Twilio’s enterprise security program within the respective BU, ensuring enterprise objectives and requirements are communicated and understood by BU partners.
  • Maintain a solid understanding of the BU products and supporting infrastructure environment (e.g., application stacks, infrastructure components, external facing footprint, etc.) to help appropriately manage the threat and risk landscape.
  • Work proactively with BU leadership to ensure security, risk, and compliance are actively contemplated in the BU’s strategic objectives and BPMs.
  • Facilitate regular, timely reporting of key security metrics from the respective BU.
  • Engage directly with the appropriate teams to ensure new products, services, applications, and third-party or customer relationships have been assessed for security risks and that identified risks are appropriately addressed.
  • Facilitate the identification of assets to be monitored by the enterprise Security Incident Response Team (SIRT).
  • Facilitate security risk assessments within the respective BU performed by the centralized Governance, Risk, and Compliance (GRC) team.
  • Serve as the liaison path for information security issues and inquiries.
  • Work with the centralized GRC team and Security leadership to help determine acceptable levels of risk for the respective BU, report on variances, and partner with BU R&D teams to ensure the execution of mitigation activities. 
  • Proactively identify security deficiencies or opportunities for improvement within the respective BU and facilitate development of pragmatic solutions.

Qualifications

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications makes for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

  • 6+ years in information security, IT audit, and/or IT/security risk management including 2+ years managerial or tech lead experience
  • Experience with security risk assessments, IT audit, and GRC software (e.g., ServiceNow, Archer, ZenGRC, etc.)
  • Experience managing security certification and attestation efforts, including execution of self-assessments, developing gap remediation strategies, and working with external auditors
  • Familiarity with common security compliance, certification, and attestation frameworks and regulations (e.g., SOC 2, ISO 27001, HIPAA, SOX, HITRUST)
  • Experience partnering with R&D/engineering teams in operationalizing security and privacy in infrastructure and customer-facing products.
  • Proven track record of running successful security programs from conception to completion across a complex organization with competing partners.

Desired:

  • Good communication and interpersonal skills to build/maintain ongoing business relationships with all levels within an organization, from engineering to C-Suite.
  • Technical familiarity and understanding of telecom specific security challenges related to SIP, SMPP, GSMA standard methodologies and 3GPP standards.
  • Understanding of SDLC programs and capabilities within an agile environment as related to application design and network infrastructure.
  • Demonstrated experience effectively leading and managing collaborative, multi-functional teams to successfully deliver programs and/or multiple projects on time and within budget based on agreed-upon scope and business goals
  • Good ability to influence or negotiate with partners dealing with competing priorities
  • Experience writing technical documentation, using modern documentation software, and shaping internal tooling strategy.
  • A solution-oriented approach, with the ability to exercise good professional judgment
  • Knowledge of the healthcare, telecommunications and software industries
  • CISA, CISSP or other similar professional designations
  • Strong project planning and prioritization skills, with the ability to respond quickly to a changing dynamic.

Location 

This role will be remote, US

Approximately 0% travel is anticipated. 

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.

*Please note this role is open to candidates outside of Colorado as well. The information below is provided for those hired in Colorado only.

*If you are a Colorado applicant:

  • The estimated pay range for this role, based in Colorado, is $176,080 - $220,100
  • Non-Sales: Additionally, this role is eligible to participate in Twilio's equity plan.

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state. This role is also eligible to participate in Twilio’s equity plan and for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave.

 



Tags: Agile Audits C CISA CISSP Compliance Governance HIPAA HITRUST Incident response ISO 27001 Privacy R&D Risk management SDLC Security strategy SOC 2 Strategy

Perks/benefits: 401(k) matching Career development Competitive pay Equity Health care Parental leave Travel Wellness

Regions: Remote/Anywhere North America
Country: United States
Category: Leadership Jobs
