Information Security Compliance Analyst

Remote - US


Connect with customers on their preferred channels—anywhere in the world. Quickly integrate powerful communication APIs to start building solutions for SMS and WhatsApp messaging, voice, video, and email.

See yourself at Twilio

Join the team as Twilio’s next Information Security Compliance Analyst.

Who we are & why we’re hiring

Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.

Although we're headquartered in San Francisco, we have a presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a global company that actively opposes racism and all forms of oppression and bias. At Twilio, we support diversity, equity & inclusion wherever we do business.

About the job

This position is needed to assist in Twilio's current and future security and compliance initiatives, including monitoring compliance progress across frameworks and regulations (e.g. GDPR, PCI-DSS, SSAE 18/SOC, ISO/IEC, HIPAA/HITRUST, FedRAMP, NIST 800-53, NIST CSF, UCF, SCF, etc.). 

The Information Security Compliance Analyst plays a key role in the planning, monitoring, and maintenance of Twilio’s security, privacy, and industry-relevant certifications. The Analyst will assist in the administration of internal and external assessments against Twilio's information systems, services, and teams. The Analyst will also assist in maintaining the organization’s unified control framework, including performing consistent review of the control environment, cross-framework and regulation mapping, and reporting on framework updates and impacts to the organization.


In this role, you’ll:

  • Perform project management functions, such as managing project timelines, project plans, project scoping, status reports and statistics, and reporting ongoing status to leadership
  • Perform continuous independent reviews of internal documentation and processes for alignment to existing compliance obligations 
  • Partner with internal cross-functional stakeholders to ensure compliance requirements are built into standard processes, procedures, and systems
  • Assist in managing the ISO/IEC 27001 Information Security Management System (ISMS) and the Payment Card Industry-Data Security Standard (PCI-DSS) charter for the organization
  • Assist in maintaining a centralized control repository with evidence and stakeholder mapping, as well as monitoring and updating team-specific audit playbooks


Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications makes for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!


  • 2+ years of compliance, governance, risk, and/or audit experience with relevant industry regulations and standards (e.g. SOX, PCI, GDPR, ISO/IEC 27001, HIPAA, SOC2, NIST, etc.)
  • 2+ years of experience in a project management capacity in a governance, risk, audit, or compliance related function
  • Strong attention to detail, analytical, and statistical skills; strong verbal and written communication skills
  • Ability to take charge, set objectives, and drive results in a fully remote environment
  • Demonstrate confidence in interacting with stakeholders at all levels and be a team player  


  • Experience working with ERP systems (e.g. Okta, Workday, Oracle, ServiceNow, and home-grown applications) is preferred
  • Compliance, technology, risk, privacy, governance or other industry-related certifications (current or in progress; e.g. CISA, CISSP, QSA, CIS LA, etc.) highly preferred
  • Familiarity with cloud computing and working with public cloud solutions (e.g. AWS, GCP, Azure, etc.)
  • Experience working for or particular interest in the telecommunications industry


This role will be remote and located in the U.S.

Approximately 10% travel is anticipated. 

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.

The estimated pay ranges for this role are as follows:

  • Based in Colorado: $90,000-$110,000.
  • This role may be eligible to participate in Twilio’s equity plan. All roles are eligible for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave.

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state. 

Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.

Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at

Tags: AWS Azure CISA CISSP Cloud Compliance ERP FedRAMP GCP GDPR Governance HIPAA HITRUST ISMS Monitoring NIST Okta Oracle Privacy SOC SOC 2

Perks/benefits: 401(k) matching Competitive pay Equity Flex vacation Health care Insurance Medical leave Parental leave Wellness

Regions: Remote/Anywhere North America
Country: United States