Security Engineer, Incident Response (L2)

Remote - US

Applications have closed

Twilio

Connect with customers on their preferred channels—anywhere in the world. Quickly integrate powerful communication APIs to start building solutions for SMS and WhatsApp messaging, voice, video, and email.

See yourself at Twilio

Join the team as our next Security Engineer, Incident Response (L2).

Who we are & why we’re hiring

Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.

Although we're headquartered in San Francisco, we're on a journey to becoming a globally antiracist company that supports diversity, equity & inclusion wherever we do business. We employ thousands of Twilions worldwide, and we're looking for more builders, creators, and visionaries to help fuel our growth momentum.

About the job

This position is needed to maintain customer trust through extraordinary discipline and technical support. Twilio’s Threat Detection and Response (TDR) team is responsible for detecting and responding to all security incidents on Twilio’s complex global network. TDR Security Engineers support this mission by working across the organization to identify and collect useful sources of data, understand security architectures and capabilities, oversee our holistic vulnerability management program, and lead our incident response efforts.

Responsibilities

In this role, you’ll:

  • Ruthlessly Prioritize:
    • Triaging and developing security alerts and response automation and conducting front-line analysis
    • Engaging with cross-functional partners to identify and understand new data sources, tune false positives, and centralize data in aggregation platforms
    • Understanding security vulnerabilities, attacker exploit techniques, and methods for their remediation.
  • Be an Owner: Understanding best practices in network security, security operations, systems security, incident response and security engineering. 
  • Don’t Settle: Suggesting/implementing improvements to detection signals based on operational experience.
  • Draw the Owl: Execute on the vision and innovation, standards, development processes, systems architecture, and design patterns being built by Twilio, and spread the knowledge.

Qualifications

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications makes for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

  • 3+ years of experience in Information Security with a focus on incident response, security engineering, and/or intrusion detection
  • Experience with log analysis and forensic tools.
  • Experience with AWS, GCP, and vendor SaaS Integrations
  • Experience with automation
  • Commitment to sharing experiences and good security practices with the community.
  • Schedule: ability to work non-standard, on-call rotation weekend and holiday hours

Desired:

  • BigQuery & Sumo Logic knowledge 
  • Experience developing content or detection mechanisms in line with MITRE ATT&CK or the Cyber Kill Chain frameworks.
  • Experience developing playbooks and runbooks, troubleshooting technical issues, and recognizing and identifying patterns
  • Experience with building security tools

Location 

This role will be remote.

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.



*Please note this role is open to candidates outside of Colorado as well. The information below is provided for those hired in Colorado only.

*If you are a Colorado applicant:

  • The estimated pay range for this role, based in Colorado, is $79,408 - $124,784
  • Non-Sales: Additionally, this role is eligible to participate in Twilio's equity plan.

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state. This role is also eligible to participate in Twilio’s equity plan and for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave.

Tags: Automation AWS Cyber Kill Chain Exploit GCP Incident response Intrusion detection Log analysis MITRE ATT&CK Network security SaaS Threat detection Vulnerabilities Vulnerability management

Perks/benefits: 401(k) matching Career development Competitive pay Equity Health care Parental leave

Regions: Remote/Anywhere North America
Country: United States