See yourself at Twilio

Join the team as our next Security Engineer- Vulnerability Management

Who we are & why were hiring

Twilio powers real-time business communications & data solutions that help companies & developers worldwide build better applications & customer experiences.

Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia & Australia. We're on a journey to becoming a global company that actively opposes racism & all forms of oppression & bias. At Twilio, we support diversity, equity & inclusion wherever we do business.

About the job

Twilio is currently seeking a proficient Security Engineer to be an integral part of our dynamic Threat & Vulnerability Management team. This role is pivotal in reducing risks for both Twilio & its clients by efficiently managing vulnerabilities within our systems & products.

The ideal candidate for this role should be an exceptional individual contributor, embodying  the Twilio Magic. & possessing deep expertise in managing security vulnerabilities. This candidate will have the opportunity to work across the enterprise, collaborating with all business units, including Business information Security Officers (BISOs), Threat Detection & Response, Threat Intelligence, Security Architects, & Security Engineers, among others. Their role will be to help identify threats & vulnerabilities, prioritize & analyze them, & assist in reporting & supporting remediation efforts. 

Reporting to the Head of Threat & Vulnerability Management, this position is crucial in maintaining & communicating Twilios risk posture to the management team.

Responsibilities

In this role, youll:

• Manage Vulnerability Management infrastructure in our production environment for commercial & government environments.
• Leverage vulnerability scanning tools to perform vulnerability management scans on a regular cadence.
• Perform analysis of scan results & determine criticality ratings for vulnerabilities impacting all production environments.
• As vulnerabilities are surfaced through penetration tests, news, & other reporting, map findings to Twilios environment to determine risk & outcomes.
• Collaborate with key stakeholders on remediation strategies, provide guidance, & follow through closure.
• Report on & track all open vulnerabilities & key metrics around time to completion.
• Identify potential for & implement automation between scanning & reporting tools.

Qualifications 

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, & we encourage everyone who meets the required qualifications to apply. While having desired qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• You have 3+ years of professional experience in information security, with a focus on vulnerability management.
• Strong understanding of security vulnerabilities, threat landscapes, & mitigation techniques.
• Experience with vulnerability scanning tools & techniques.
• Proficiency in scripting or programming languages (e.g., Python, Bash, etc.) for automation of security tasks.
• Excellent problem-solving skills & ability to work under pressure.
• Flexible & able to manage multiple projects under tight deadlines.
• Comfortable with ambiguity & adaptable to fast changing environments
• Strong communication skills, both written & verbal, with the ability to convey complex security concepts to technical & non-technical audiences.

Desired:

• Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus.
• Experience operating in a production cloud environment, with expertise in at least one of: server, network, cloud, database; AWS admin & configuration management skills preferred.
• Familiarity with regulatory compliance standards & risk frameworks, including GDPR, HIPAA, SOC 2, ISO 27001 & ISO 27002, & NIST 800-53 & NIST CFS is a plus

Location 

This role will be based in our Remote & based in Colombia.  

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental & wellness leave, healthcare, a retirement savings program, & much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, & are always up for trying new things. That's why we seek out colleagues who embody our values something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering & donation efforts.

So, if you're ready to unleash your full potential, do your best work, & be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.