Information Security Analyst

Who we are

At Twilio were shaping the future of communications all from the comfort of our homes. We deliver innovative solutions tohundreds of thousands of businessesand empower millions of developers worldwide to craft personalized customer experiences.

Our dedication to remote-first work and strong culture of connection and global inclusion means that no matter your location youre part of a vibrant team with diverse experiences making a global impact each day. As we continue to revolutionize how the world interacts were acquiring new skills and experiences that make work feel truly rewarding. Your career at Twilio is in your hands.

We use Artificial Intelligence (AI) to help make our hiring process efficient fair and transparent but automation never makes the final call. Every hiring decision is made by real Twilions ensuring a human touch at every step.

.

See yourself at Twilio

Join the team as Twilios next Information Security Analyst (Risk Management)

About the job

Twilio is seeking a high-impact Senior Security Risk Management Analyst to serve as a primary driver in maturing our global risk function. This is a role for a technical doer who thrives on solving complex puzzles within a modern ecosystem of hybrid cloud microservices and global telecommunications infrastructure. You will be responsible for the full lifecycle of riskfrom daily ticket analysis to executing deep-dive assessments and building the automated workflows that allow our One Twilio Risk program to scale.

The ideal candidate is a Jira power-user with a product security mindsetsomeone who understands that the most effective risk management is integrated directly into the developer workflow. You are someone who proactively fills knowledge gaps and possesses the strategic vision to aid in further maturing our risk management practices.

Responsibilities

In this role youll:

• Risk Assessment & Analysis: Conduct day-to-day risk ticket analysis and lead in-depth assessments of product launches and infrastructure changes to identify and quantify security IT and R&D risks.
• Framework Tailoring: Further operationalize and mature the One Twilio Risk Management framework leveraging risk management frameworks (NIST RMF ISO 27005 etc.) with a specific focus on emerging areas like AI Risk Data Governance Privacy Reliability and Observability.
• Workflow Automation: Build and optimize automated workflows that bridge the gap between compliance requirements and engineering productivity.
• Strategic Triage: Layer compliance frameworks into the risk process providing a unified view of how regulatory and compliance obligations impact our technical risk landscape.
• Risk Communication: Articulate the big picture of risk impact to stakeholders at all levels from engineering teams to executive leadership using data-driven reporting.
• Pragmatic Problem Solving: Implement security risk solutions that are practical and effective ensuring risk management is a business enabler rather than a bottleneck.

Qualifications

Twilio values diverse experiences from all kinds of industries and we encourage everyone who meets the required qualifications to apply. If your career is just starting or hasnt followed a traditional path dont let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

*Required

• Experience: 5 years of direct experience in Security Risk Management with a proven track record of building and operationalizing industry-accepted risk frameworks (e.g. NIST RMF COSO ERM or ISO 31000).
• Technical Domain Expertise: Broad understanding of security architecture networking access control software development cryptography and operations. You should be fluent in how security controls are implemented across applications systems and cloud platforms to reduce inherent risk.
• Risk Methodology: Strong understanding of both qualitative and quantitative risk analysis including the performance benefits and strategic application of various analysis types.
• Stakeholder Partnership: Ability to collaborate with technical Security Engineering and IT teams to implement technical risk solutions and interpret control requirements for diverse stakeholder groups.
• Tooling & Automation: A strong bias toward automation and tooling to scale program impact; advanced proficiency in Jira for workflow orchestration is highly desired.
• Adaptability: Comfortable with ambiguity and highly adaptable to fast-changing high-growth environments.
• Technical Domain Expertise: Deep understanding of hybrid cloud environments (AWS/GCP) on-premise infrastructure and microservices. Experience in the Telecommunications sector is highly preferred.
• Strategic Mindset: Ability to pivot quickly between tactical firefighting and long-term strategic planning. You must be able to identify which risks are the most valuable to report on at any given time.
• Communication: Exceptional written and verbal communication skills with a proven ability to present complex risk topics to non-technical executive audiences. Ability to highlight and report on shared risk responsibility is key. Must be able to manage multiple projects under tight deadlines.

*Desired:

• High-Octane Individual Contributor: You are a self-starter who takes pride in being a force multiplier. You have a proven ability to produce high-quality audit-ready deliverables with minimal oversight.
• Master of Multi-Tasking: Exceptional organizational skills with the ability to context-switch effectively managing a high volume of concurrent projects and tickets without sacrificing depth or accuracy.
• Collaborative Partner: You dont work in a silo. You are skilled at building bridges across R&D Security and IT ensuring that risk management is integrated as a seamless partner.
• Efficiency Expert: You are constantly looking for ways to optimize your own output and team processes turning manual repetitive tasks into streamlined automated successes.
• Executive Presence: Ability to distill granular technical findings into concise high-level summaries that drive decision-making at the leadership level.

Location

This role will be remote and based in Ontario British Columbia or Alberta Canada.

Travel

We prioritize connection and opportunities to build relationships with our customers and each other. For this role you may be required to travel occasionally to participate in project or team in-person meetings.

What We Offer

Working at Twilio offers many benefits including competitive pay generous time off ample parental and wellness leave healthcare a retirement savings program and much more. Offerings vary by location. Based on role employees may also be eligible for additional compensation and benefits including but not limited to incentive programs commissions equity grants health and wellness benefits retirement contributions and paid time off.

The estimated pay ranges for this role are as follows:

• $120640 - 150800 CAD
• Target Bonus Percentage: 15%

The successful candidates starting salary will be determined based on permissible non-discriminatory factors such as skills experience and geographic location.

Twilio thinks big. Do you

We like to solve problems take initiative pitch in when needed and are always up for trying new things. Thats why we seek out colleagues who embody our values something we call Twilio Magic. Additionally we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So if youre ready to unleash your full potential do your best work and be the best version of yourself apply now! If this role isnt what youre looking for please consider other open positions.

Twilio is proud to be an equal opportunity employer. We do not discriminate based upon race religion color national origin sex (including pregnancy childbirth reproductive health decisions or related medical conditions) sexual orientation gender identity gender expression age status as a protected veteran status as an individual with a disability genetic information political views or activity or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories consistent with applicable federal state and local law. Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Additionally Twilio participates in the E-Verify program in certain locations as required by law.