Senior, Information Security Auditor Lead - Security Customer Enablement

This position is needed to help build out and lead Twilio’s Global Information Security Customer Audit Program. In this pivotal role, you will play a crucial part in establishing and overseeing Twilio's Global Information Security Customer Audit Program, specifically catering to audits requested by some of our most prominent and highly regulated customers. As a vital contributor to our enterprise-level operations, your responsibilities will extend across all our product offerings. This position offers you the opportunity to assume the primary leadership role in conducting information security customer audits, making a significant impact on our organization's security and compliance landscape, while earning the trust of our customers.

Responsibilities

In this role, you’ll:

• Develop and implement an Information Security Customer Audit Program, defining strategic vision, roadmap, runbooks, documentation, and evidence collateral tracking
• Manage multiple customer audit engagements concurrently, often working independently while collaborating effectively with various internal teams to gather evidence
• Assess and interpret customer and contractual requirements relevant to audit requests
• Advise and communicate the role and scope of audit and assurance engagement activities clearly to relevant stakeholders
• Review and report on the findings of audit and assurance engagements
• Recommend appropriate strategies to ensure adherence to regulatory standards and internal controls.
• Demonstrate proactive thinking and strategic planning, anticipating organizational needs and recognizing the wider business environment and dynamics
• Mentor and develop junior team members, fostering a culture of growth and excellence
• Apply strong business acumen and commercial awareness to align audit objectives with overall business goals
• Foster collaborative relationships with various internal teams across Twilio to facilitate seamless audit processes

Qualifications 

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• 5-7+ years of hands-on experience with auditing and/or maintaining information security-based controls
• Experience in a customer-facing technical role (internal or external based customers)
• Must possess exceptional communication skills, both oral and written, along with strong technical audit capabilities, organizational, analytical, and problem-solving and communication skills preferably in a risk or security context
• A deep understanding of security concepts and technology, including encryption, networking, operating systems, databases, telephony, middleware, and applications, ideally in a cloud environment
• Familiarity with cloud technologies and APIs will be an advantage
• Working knowledge of common security frameworks and regulatory requirements such as NIST, SOC, ISO/IEC 2700X, GDPR, HIPAA, and PCI
• Self-driven, autonomous and can contribute to the strategy and roadmap of the team, while having strong attention to detail and quality
• You have or would be willing to obtain certification(s) such as: CISA, CCSP, CCSK, CRISC, CISM, or CISSP

Desired:

• Experience in leading multiple audit engagements concurrently and independently
• Experience supporting a sales function, ideally in technology and are comfortable balancing competing priorities
• Experience reviewing and redlining contracts
• Experience developing and maintaining internal educational documentation and external Security Audit enablement content (whitepapers, presentations, training, website content, etc.)
• Experience with developing technical standards, and operational guidelines

Location 

This role will be remotebut is not eligible to be hired in San Francisco, CA, Oakland, CA, San Jose, CA, or the surrounding areas.

Approximately 15-30% travel is anticipated. 

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.

The estimated pay ranges for this role are as follows:

• Based in Colorado: $120.000 - $150,000
• Based in New York, Washington State or California (outside the San Francisco Bay Area): $127,000 - $159,000
• This role may be eligible to participate in Twilio’s equity plan. All roles are eligible for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave.

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state. 

Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.

Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at [email protected].