Information Security Compliance Analyst
Remote - US
Full Time Senior-level / Expert USD 90K - 110K
Twilio
Connect with customers on their preferred channels—anywhere in the world. Quickly integrate powerful communication APIs to start building solutions for SMS and WhatsApp messaging, voice, video, and email.
See yourself at Twilio
Join the team as Twilio’s next Information Security Compliance Analyst.
Who we are & why we’re hiring
Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.
Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a global company that actively opposes racism and all forms of oppression and bias. At Twilio, we support diversity, equity & inclusion wherever we do business.
About the job
This position is needed to assist in Twilio's current and future security and compliance initiatives, including monitoring compliance progress across frameworks and regulations (e.g. GDPR, PCI-DSS, SSAE 18/SOC, ISO/IEC, HIPAA/HITRUST, FedRAMP, NIST 800-53, NIST CSF, UCF, SCF, etc.).
The Information Security Compliance Analyst plays a key role in the planning, monitoring, and maintenance of Twilio’s security, privacy, and industry-relevant certifications. The Analyst will assist in the administration of internal and external assessments against Twilio's information systems, services, and teams. The Analyst will also assist in maintaining the organization’s unified control framework, including performing consistent review of the control environment, cross-framework and regulation mapping, and reporting on framework updates and impacts to the organization.
Responsibilities
In this role, you’ll:
- Perform project management functions, such as managing project timelines, project plans, project scoping, status reports and statistics and reporting ongoing status to leadership
- Perform continuous independent reviews of internal documentation and processes for alignment to existing compliance obligations
- Partner with internal cross-functional stakeholders to ensure compliance requirements are built into standard processes, procedures, and systems
- Assist in managing the ISO/IEC 27001 Information Security Management System (ISMS) and the Payment Card Industry-Data Security Standard (PCI-DSS) charter for the organization
- Assist in maintaining a centralized control repository with evidence and stakeholder mapping, as well as monitoring and updating team-specific audit playbooks
Qualifications
Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications makes for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!
Required:
- 2+ years of compliance, governance, risk, and/or audit experience with relevant industry regulations and standards (e.g. SOX, PCI, GDPR, ISO/IEC 27001, HIPAA, SOC2, NIST, etc.)
- 2+ years of experience in a project management capacity in a governance, risk, audit, or compliance related function
- Strong attention to detail, analytical, and statistical skills; strong verbal and written communication skills
- Ability to take charge, set objectives, and drive results in a fully remote environment
- Demonstrate confidence in interacting with stakeholders at all levels and be a team player
Desired:
- Experience working with ERP systems (e.g. Okta, Workday, Oracle, ServiceNow, and home-grown applications) is preferred
- Compliance, technology, risk, privacy, governance or other industry-related certifications (current or in progress; e.g. CISA, CISSP, QSA, CIS LA, etc.) highly preferred
- Familiarity with cloud computing and working with public cloud solutions (e.g. AWS, GCP, Azure, etc.)
- Experience working for or particular interest in the telecommunications industry
Location
This role will be remote and located in the U.S.
Approximately 10% travel is anticipated.
What We Offer
There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.
Twilio thinks big. Do you?
We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.
So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!
If this role isn't what you're looking for, please consider other open positions.
The estimated pay ranges for this role are as follows:
- Based in Colorado: $90,000-$110,000.
- This role may be eligible to participate in Twilio’s equity plan. All roles are eligible for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave.
The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state.
Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.
Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at accommodation@twilio.com.
Tags: AWS Azure CISA CISSP Cloud Compliance ERP FedRAMP GCP GDPR Governance HIPAA HITRUST ISMS Monitoring NIST Okta Oracle Privacy SOC SOC 2
Perks/benefits: 401(k) matching Competitive pay Equity Flex vacation Health care Insurance Medical leave Parental leave Wellness