Business Information Security Officer

This position is needed to support our Communications R&D Business Unit (BU). The BISO is a strategic and tactical partner with BU leadership and stakeholders to markedly improve information-security posture over time by maturing all technical and administrative security capabilities; capturing, prioritizing, reporting on and reducing security risks, and ensuring overall strategic alignment between the BU and Trust & Security organization. Ideally, the BISO will collaborate with BU leaders to create a multi-year security roadmap to tackle the particular challenges the BU faces.

The BISO will lead a team of embedded security resources to deliver agreed-upon security priorities and work efforts for the Communications R&D Business Unit, while using capabilities from the centralized security teams and the BU technical teams

Responsibilities

In this role, you’ll:

• Formulate, articulate, and align key stakeholders on a risk-based strategy to mature the security posture of the BU
• Proactively partner with BU leadership to ensure security is built into annual BU priorities and measures. This is a bi-directional process, as central security will also work to support universal BU priorities
• Maintain a strong understanding of BU products and supporting infrastructure to effectively manage the threat and risk landscape
• Work with BU leadership to determine acceptable levels of security risk for the BU, and drive risk management strategy from that, raising the bar each year
• Ensure new products and services have appropriate security requirements embedded from the start by closely partnering with R&D resources
• Circulate and leverage meaningful metrics to guide program and spending decisions, educate stakeholders, and measure program operations and overall BU security posture. Metrics will be the main way you conduct this orchestra!
• Align with enterprise security leaders to scale security within the BU by driving adoption of automation and tooling; for us, this is shifting left, but with automation within their existing workflows
• Foster an inclusive, transparent, and development-focused environment for embedded security resources
• Support enterprise and BU regulatory and compliance requirements, and develop implementation strategies that minimize operational impact and disruption to the BU

Qualifications 

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• 10+ years experience working in a security-focused role in a technology-related industry, including 5+ years in a leadership/managerial position.
• Proven history delivering meaningful security maturity across multiple domains within a program or BU; success is quantified by metrics you consistently use to drive the business to a permanently better security place. Metrics also measure your effectiveness in this role
• Proven understanding of risk and vulnerability remediation, best practises when t comes to reducing risks across complex environments and proven track record of working with technical collaborators. 
• Proven, proactive communication and interpersonal skills to build and maintain BU relationships, particularly with GMs and their senior leaders.
• Anticipate needs and create clarity where needed; understand the top risks and security issues across the communications BU and be able to adapt roadmaps to address most active risk.
• Proven ability to influence and negotiate with stakeholders dealing with competing priorities.
• Effectively manage matrixed resources to get results; provide early-and-often status universally.
• Successfully deliver prioritized security milestones and projects on-time through collaborative, cross-functional team effort, across Security Engineering and R&D Engineering teams. 
• Experience working successfully in a distributed-systems environment with cloud-native deployment models.
• Experience in serving as the escalation path for information security issues and inquiries, including incidents and customer escalations.

Desired:

• 3+ years experience working in a highly technical, security-focused role, e.g. engineer or architect.
• Experience working successfully in both a disparate and modern SaaS technology stack.
• Experience working in enterprise software and/or traditional data center deployment models.
• Passionate about developing and mentoring other security team members; you have your succession plan at the ready because of it.
• Understanding of industry regulations and compliance requirements related to voice, video, and SMS/MMS services. Ensure our products and systems meet all necessary regulatory standards and security protocols

Location 

This role will be remotebut is not eligible to be hired in San Francisco, CA, Oakland, CA, San Jose, CA, or the surrounding areas

Approximately <5% travel is anticipated. 

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.

The estimated pay ranges for this role are as follows:

• Based in Colorado: $176,000 - $220,000
• Based in New York, Washington State or California (outside the San Francisco Bay Area): $187,000 - $233,000
• This role may be eligible to participate in Twilio’s equity plan. All roles are eligible for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave.

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state. 

Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.

Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at [email protected].