Staff Security Engineer, Threat Hunt & Research (L4)
Remote - Ireland
Twilio
Connect with customers on their preferred channels—anywhere in the world. Quickly integrate powerful communication APIs to start building solutions for SMS and WhatsApp messaging, voice, video, and email.
Join the team as our next Staff Security Engineer, Threat Hunt & Research.
Who we are & why we’re hiring
Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.
Although we're headquartered in San Francisco, we're on a journey to becoming a globally antiracist company that supports diversity, equity & inclusion wherever we do business. We employ thousands of Twilions worldwide, and we're looking for more builders, creators, and visionaries to help fuel our growth momentum.
About the job
In this position, we need someone who can think like a cyber attacker attempting to circumvent security measures. As a technical subject matter expert, you’ll have an in-depth understanding of attacker tactics, techniques, and procedures, be proficient in log analysis, and work across teams to proactively hunt for threat actor activity in our products, services, and networks. You’ll identify opportunities to implement additional preventive and detective security controls and build technical solutions to help Twilio meet our toughest challenges. This is a chance to think differently about cyber defense, and to develop the next generation of security analytics. You will act as a primary technical resource (and escalation point) for operational incident support, fraud investigations, threat analysis, and threat hunting.
Twilio is looking for a technical SME who lives the Twilio Magic and has demonstrated success hunting for and mitigating threats across the enterprise and beyond. The Security Operations team is vital to ensuring that Twilio operations leadership has access to actionable intelligence that informs decision making on a global scale.
Responsibilities
In this role, you’ll:
- BE AN OWNER: Subject matter expert on logs to enable Twilio to query, process and manipulate in a variety of platforms and formats
- DRAW THE OWL: Proactively hunt for threats and vulnerabilities from various angles and disciplines including social media and the dark web
- NO SHENANIGANS: Conduct in-depth research in security and big data technologies to identify trends, best practices, and potential gaps in security
- DON’T SETTLE: Identify credible, new intelligence and subject matter resources relative to current/emerging threats
- BE INCLUSIVE: Support projects via engineering, testing, implementation, and integration
Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications makes for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!
Required:
- 5-7 years of experience at the sharp end of cyber security, including at least 2 years of experience identifying, investigating, and mitigating or exploiting (legally) cyber security threats or vulnerabilities.
- Experience conducting proactive technical investigations and response to threats across the full spectrum of adversary capabilities, from everyday, through cybercriminal, to Advanced Persistent Threat (APT).
- Understands the range of security controls that can be leveraged against attackers.
- A passion for finding the signal in the noise! Confident analyzing and interpreting log files from various sources, including endpoints, network devices, applications, and cloud services.
- Experience applying some formal analytical methods and data analysis techniques to investigations to maximize robustness, completeness, and correctness.
- Knowledge of, and experience applying, multiple models of threat actor behavior, such as the MITRE ATT&CK Framework, Cyber Kill Chain, Diamond Model, and Adversary Lifecycle Analysis.
- Ability to provide adversary mitigation recommendations and to present executive-level recommendations in light of novel and technically complicated attack scenarios.
- Ability to demonstrate extensive knowledge of relevant technical cyber security subjects through any combination of formal education awards, professional certifications, conference presentations, published technical papers, unpublished primary research, contributions to the infosec community or open source software, authoritative personal recommendations, or similar.
Desired:
- Python, SQL experience
This role will be remote in EMEA with a preference for candidates located in UK / Ireland
What We Offer
There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.
Twilio thinks big. Do you?
We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.
So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!
If this role isn't what you're looking for, please consider other open positions.
Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.
Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at accommodation@twilio.com.