Lead Security Risk Analyst

Remote - US

Applications have closed
Twilio logo

Posted 1 month ago


Because you belong at Twilio

The Who, What, Why and Where

Twilio Security is a growing team and we’re looking for someone to identify, assess, mitigate, and report on information security risks tied to Twilio technology assets.  This role will work with IT and engineering to execute security risk assessments, including asset criticality, threats, vulnerabilities, and likelihood.  Reporting to the manager of Twilio Risk Management, this position is critical to ensuring Twilio’s risk posture is maintained and communicated to Twilio management.


Twilio is looking for a security leader who lives the Twilio Magic and has a demonstrated track record of driving security change with both engineering and business team stakeholders. They also have:

  • 5+ years in a security engineering or IT security risk role, preferably at a technology company (bonus points for security experience in telecommunications).
  • You have a broad understanding of all security domains and a demonstrated track record of understanding security architecture, network, access control, software development, physical security, cryptography, and operations 
  • You have a strong understanding of qualitative and quantitative risk analysis, including the performance, benefits, and when to use various types of analysis.
  • You have experience with the design and operation of Governance, Risk, and Compliance support systems.
  • You have extraordinary organizational, analytical, and problem-solving skills.
  • Experience with ISO 27001-2, NIST 800-53, and other security controls standards.


As Lead Security Risk Analyst, you will live the Twilio Magic values:

  • Be Bold and Be an Owner: Execute ongoing security risk assessments to prioritize assets, identify security risks, provide necessary security controls/mitigations, and report findings to management
  • Write It Down: Monitor and record risk issues to ensure remediation is completed per company timelines.
  • No Shenanigans: Provide regular risk reports to management.
  • Empower Others: Mentor junior risk management team members.
  • Ruthlessly Prioritize: Support customers and audit requests in a timely manner and always prioritize high risk ones accordingly. 


The Lead Security Risk Analyst is central to protect and support Twilio’s reputation and trust with customers while meeting compliance requirements.  We work closely with the business and engineering leaders to identify and remediate security risk issues.  We identify and mitigate security risks to lessen the chance of a security incident.

Twilio is a company that is empowering the world’s developers with modern communication in order to build better applications. Twilio is truly unique; we are a company committed to your growth, your learning, your development, and your entire employee experience.  We only win when our employees succeed and we're dedicated to helping you develop your strengths. We invest in weeks dedicated to tackling hard problems and creating your own ideas. We have a cultural foundation built on diversity, inclusion, and innovation and we want you and your ideas to thrive at Twilio.


We employ diverse talent from all over the world and we believe great work can be done anywhere. Around the world, Twilio offers benefits and perks to support the physical, financial, and emotional well being of you and your loved ones. No matter where you are based, you will experience a company that believes in small teams for maximum impact; seeks well-rounded talent to ensure a full perspective on our customers’ experience,  understands that this is a marathon, not a sprint; that continuously and purposefully builds an inclusive culture that empowers everyone to do their best work and be the best version of themselves.

About us:

Millions of developers around the world have used Twilio to unlock the magic of communications to improve any human experience. Twilio has democratized communications channels like voice, text, chat, video and email by virtualizing the world’s communications infrastructure through APIs that are simple enough for any developer to use, yet robust enough to power the world’s most demanding applications. By making communications a part of every software developer’s toolkit, Twilio is enabling innovators across every industry — from emerging leaders to the world’s largest organizations — to reinvent how companies engage with their customers.

Job tags: APIs Compliance IT security Mentor NIST Risk management Security