Senior Information Security Compliance Analyst

Remote - US

Full Time
Twilio logo
Twilio
Apply now Apply later

Posted 1 month ago

Because you belong at Twilio

The Who, What, Why and Where

The Senior Information Security Compliance Analyst will be a key member of the Security Compliance Assurance program at Twilio focused primarily on engagement and compliance activities related to enhancing Twilio’s Compliance posture and supporting internal assessments and certification activities.

This individual will be responsible for working effectively with numerous cross-functional stakeholders across the company (Legal, Finance, IT, HR, Security, Product groups etc.) to engage on all aspects of control and process design, testing, implementation, monitoring, project management, documentation and remediation activities as needed.

Who?

Twilio is looking for a leader who lives the Twilio Magic and has a broad knowledge of IT controls and compliance activities. They also have:

  • 3+ years of Compliance or Audit experience working with Industry regulations and standards with a focus on (PCI, GDPR, ISO/IEC 27001, HIPAA, FEDRAMP). 
  • Minimum of 2 years of relevant FedRAMP Compliance working experience.
  • Familiarity with compliance and risk management frameworks, such as FedRAMP, SOC2, SOX, ISO/IEC 27001, PCI, GDPR, Cloud Computing Security Requirements Guide (SRG)
  • Experience and familiarity with HITRUST implementation and certification
  • Experience and familiarity with cloud data security and working with public cloud solutions (AWS)
  • Demonstrate strong project management skills with experience managing and reporting on multiple inflight projects at any one given time
  • Demonstrate strong verbal and written communication skills as well as strong analytical and problem solving abilities
  • Strong ability to represent data in graphical form 
  • CISA, CISM, GIAC, CISSP or other Information Security related designation required 

What?

As a Senior Information Security Compliance Analyst, you will live the Twilio Magic values:  

  • NO SHENANIGANS: Serve as a key member of the company’s Information Security Compliance program by supporting ongoing compliance activities and monitoring efforts across different regulations (GDPR, PCI, SOC 2, ISO/IEC, HIPAA, FedRAMP, etc.).
  • WRITE IT DOWN: Create and maintain technical documentation related to FIPS 199, NIST SP 800-37, NIST SP 800-53 REV 4, FISMA A&A, and continuous monitoring, and POA&M management.
  • EMPOWER OTHERS: Support evidence collection, and documentation in support of internal and external audits.
  • WRITE IT DOWN: Engage with subject matter experts in order to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures.
  • BE AN OWNER: Manage timelines, project plans, status reports and statistics to ensure milestones, goals and commitments are met. 
  • Manage internal and external assessment against Twilio’s information systems, services, and teams. 
  • Review existing IT compliance controls for regulatory updates against FSSC, FFIEC, GLBA, and NIST frameworks.

Why?

This role will play a very important part in helping to establish and mature the control environment at Twilio resulting in an enhanced Security Compliance posture, greater Customer Trust and increased revenue for the company. 

Twilio is a company that is empowering the world’s developers with modern communication in order to build better applications. Twilio is truly unique; we are a company committed to your growth, your learning, your development and your entire employee experience. We only win when our employees succeed and we're dedicated to helping you develop your strengths. We invest in weeks dedicated to tackling hard problems and creating your own ideas. We have a cultural foundation built on diversity, inclusion and innovation and we want you and your ideas to thrive at Twilio. 

Where?

We employ diverse talent from all over the world and we believe great work can be done anywhere. Around the world, Twilio offers benefits and perks to support the physical, financial, and emotional well being of you and your loved ones. No matter where you are based, you will experience a company that believes in small teams for maximum impact; seeks well-rounded talent to ensure a full perspective on our customers’ experience,  understands that this is a marathon, not a sprint; that continuously and purposefully builds an inclusive culture that empowers everyone to do their best work and be the best version of themselves.

About Us

Millions of developers around the world have used Twilio to unlock the magic of communications to improve any human experience. Twilio has democratized communications channels like voice, text, chat, video and email by virtualizing the world’s communications infrastructure through APIs that are simple enough for any developer to use, yet robust enough to power the world’s most demanding applications. By making communications a part of every software developer’s toolkit, Twilio is enabling innovators across every industry — from emerging leaders to the world’s largest organizations — to reinvent how companies engage with their customers.

Job tags: Audits AWS CISA CISM CISSP FedRAMP Finance FISMA GDPR GIAC HITRUST NIST NIST Frameworks PCI SOC 2 SOC2
Share this job: