See yourself at Twilio
Join the team as our next Content Developer/Security Engineer - Insider Risk
Who we are & why were hiring
Twilio powers real-time business communications & data solutions that help companies & developers worldwide build better applications & customer experiences.
Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia & Australia. We're on a journey to becoming a globally anti-racist, anti-oppressive, anti-bias company that actively opposes racism & all forms of oppression & bias. At Twilio, we support diversity, equity & inclusion wherever we do business. We employ thousands of Twilions worldwide, & we're looking for more builders, creators, & visionaries to help fuel our growth momentum.
About the job
This position is needed to continue developing content for Twilios Insider Risk program. As part of the Threat detection & response organization, this growing team protects the business by detecting & investigating internal threats through monitoring of insider activity based on proven analytics & indicators of risk such as malicious & accidental misuse of otherwise legitimate access to data from people inside the company.
In this role, youll:
- Developing content, building threat models, threat policies in Twilios insider threat management tool.
- Develop & qualify new use cases, development of rules, testing, & tuning within associated technologies.
- Leverage user behavior analytics [UEBA] to develop a holistic understanding of potential high-risk employee behavior involving cloud infrastructure, network & endpoints.
- Collaborating with multiple stakeholders/vendors & implementing the integrations to various data sources that improves the ability to prevent, detect & respond to insider risks.
- Partner with other groups within the organization & vendor to identify, implement, & document processes to mitigate insider risks & implement the Data Loss Prevention controls.
- Working closely with insider threat analysts to identify gaps, & develop technical & non-technical indicators.
- Leading the creation of metric based reporting to aid in identification of risks, support continuous risk reduction, & constantly seeking opportunities to improve effectiveness of DLP controls.
- Delivering effective, timely & succinct communication of important topics, & issues to relevant business partners.
- Support the quality execution of Insider Threat program projects in accordance with project timelines.
Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, & we encourage everyone who meets the required qualifications to apply. While having desired qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!
- 4+ years of IT experience with at least 2 years in an information security role, & software development related experience.
- Experience with Cloud based log analytical tools and/or sumo logic, DLP/Insider Threat tools like Prisma, Digital Guardian, Proofpoint TAP, Proofpoint ITM, AWS GuardDuty.
- Experience in writing/consuming APIs.
- 3 years of experience in UEBA/UBA technologies such as Securonix, SNYPR etc
- Experience in anomaly detection, data analytics, behavior analytics, TTPs, data classification.
- Strong knowledge of cloud service provider environments, like AWS, GCP to identify potential Insider risks, protect sensitive data, & mitigation strategies by incorporating UEBA.
- Broad knowledge of Cloud Solutions (IaaS, PaaS, SaaS), IT technologies, operating systems, applications & network security platforms, Including Security Information & Event Management (SIEM) systems.
- Strong verbal/written communication with ability to effectively interact with individuals at all levels of responsibility & authority.
- Strong troubleshooting & organizational skills.
- Strong analytical skills with an aptitude of tracking down the numerous logs to derive substantial data.
- Ability to work between the hours of 9:00 AM - 5:30 PM EST (Eastern Standard Time zone) OR 9:00 AM - 5:30 PM PST (Pacific Standard Time zone), including the flexibility to work additional hours to support during incidents.
- AWS/GCP cloud certification.
- BS in Cyber Security, Information Systems, Information Technology, or Computer Science.
- Experience with SOAR concepts, implementation & execution is a plus.
- Experience in scripting languages such as Python, Java.
- Excellent written & verbal communication skills.
- Ability to influence & build effective working relationships with all levels of the organization.
This role will be based in our India-APAC region. This role will be in-office or remote.
What We Offer
There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental & wellness leave, healthcare, a retirement savings program, & much more. Offerings vary by location.
Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state & local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.
Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities & disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at firstname.lastname@example.org.