Security Engineer - Vulnerability Management
Remote - Colombia
Twilio
Connect with customers on their preferred channels—anywhere in the world. Quickly integrate powerful communication APIs to start building solutions for SMS and WhatsApp messaging, voice, video, and email.See yourself at Twilio
Join the team as our next Security Engineer- Vulnerability Management
Who we are & why we’re hiring
Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.
Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a global company that actively opposes racism and all forms of oppression and bias. At Twilio, we support diversity, equity & inclusion wherever we do business.
About the job
Twilio is currently seeking a proficient Security Engineer to be an integral part of our dynamic Threat and Vulnerability Management team. This role is pivotal in reducing risks for both Twilio and its clients by efficiently managing vulnerabilities within our systems and products.
The ideal candidate for this role should be an exceptional individual contributor, embodying the Twilio Magic. and possessing deep expertise in managing security vulnerabilities. This candidate will have the opportunity to work across the enterprise, collaborating with all business units, including Business information Security Officers (BISOs), Threat Detection & Response, Threat Intelligence, Security Architects, and Security Engineers, among others. Their role will be to help identify threats and vulnerabilities, prioritize and analyze them, and assist in reporting and supporting remediation efforts.
Reporting to the Head of Threat and Vulnerability Management, this position is crucial in maintaining and communicating Twilio’s risk posture to the management team.
Responsibilities
In this role, you’ll:
- Manage Vulnerability Management infrastructure in our production environment for commercial & government environments.
- Leverage vulnerability scanning tools to perform vulnerability management scans on a regular cadence.
- Perform analysis of scan results and determine criticality ratings for vulnerabilities impacting all production environments.
- As vulnerabilities are surfaced through penetration tests, news, and other reporting, map findings to Twilio’s environment to determine risk and outcomes.
- Collaborate with key stakeholders on remediation strategies, provide guidance, and follow through closure.
- Report on and track all open vulnerabilities and key metrics around time to completion.
- Identify potential for and implement automation between scanning and reporting tools.
Qualifications
Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!
Required:
- You have 3+ years of professional experience in information security, with a focus on vulnerability management.
- Strong understanding of security vulnerabilities, threat landscapes, and mitigation techniques.
- Experience with vulnerability scanning tools and techniques.
- Proficiency in scripting or programming languages (e.g., Python, Bash, etc.) for automation of security tasks.
- Excellent problem-solving skills and ability to work under pressure.
- Flexible and able to manage multiple projects under tight deadlines.
- Comfortable with ambiguity and adaptable to fast changing environments
- Strong communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical audiences.
Desired:
- Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus.
- Experience operating in a production cloud environment, with expertise in at least one of: server, network, cloud, database; AWS admin and configuration management skills preferred.
- Familiarity with regulatory compliance standards and risk frameworks, including GDPR, HIPAA, SOC 2, ISO 27001 & ISO 27002, and NIST 800-53 & NIST CFS is a plus
Location
This role will be based in our Remote and based in Colombia.
What We Offer
There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.
Twilio thinks big. Do you?
We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.
So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!
If this role isn't what you're looking for, please consider other open positions.
Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.
Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at accommodation@twilio.com.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Bash CEH CISSP Cloud Compliance GDPR HIPAA ISO 27001 ISO 27002 NIST NIST 800-53 OSCP Python Scripting SOC SOC 2 Threat detection Threat intelligence Vulnerabilities Vulnerability management
Perks/benefits: Competitive pay Flex hours Flex vacation Health care Medical leave Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs