Senior Security Engineer, Incident Response
See yourself at Twilio
Join the team as our next Senior Security Engineer, Incident Response on Twilio’s Security Incident Response Team (SIRT).
Who we are & why we’re hiring
Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.
Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a global company that actively opposes racism and all forms of oppression and bias. At Twilio, we support diversity, equity & inclusion wherever we do business.
About the job
The Security Incident Response Engineer will be responsible for responding to all security events and incidents across Twilio’s global infrastructure, services and applications. The Security Incident Response Team (SIRT) supports Twilio’s mission of security and reliability by working across the organization to lead the response to security events and incidents across Twilio by effectively conducting triage, containment, remediation and driving post-incident betterments.
In this role, you’ll:
- Lead and support the response to all security events and incidents across Twilio’s complex global infrastructure, services and applications.
- Own the security incident lifecycle, respond to incidents and participate in on-call rotation and participate in RCAs for security incidents.
- Work to improve Twilio’s security and reliability posture by driving identified betterments from security events and incidents.
- Support large projects end-to-end that will improve Twilio’s Threat Detection and Response (TDR) capabilities and initiatives.
- Be responsible for documentation of incidents and projects you work on and craft best practices as runbooks and standard operating procedures to share knowledge across teams
- Rapidly acquire new technical skills and knowledge in a fast-paced, highly disruptive industry environment.
- Understand security vulnerabilities, attacker exploit techniques, and methods for their remediation.
- Execute on the vision and develop creative innovative approaches to accelerate threat response and remediation of security incidents.
Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!
- 5+ years of experience in Cybersecurity with a focus on incident response, digital forensics, security engineering, and/or intrusion detection.
- Experience with log analysis and forensic tools.
- Experience with AWS, GCP or other public cloud infrastructure platforms.
- Experience with REST API, container and serverless security.
- Expertise in solving complex production security issues..
- Experience with Sumo Logic & Bigquery.
- Experience with automation.
- Communicate clearly and concisely, orally and in writing.
- Desire to collaborate across teams on best practices to build, test and operate security incident response capabilities at scale.
- Schedule: ability to work ‘non-standard’ hours, to overlap as needed with colleagues and stakeholders in other global locations, and with the potential for future on-call rotation, including weekend and holiday hours.
- Experience leveraging automation to improve operational security metrics and dashboards by identifying security response gaps in systems, services and processes and propose and deliver solutions to close security monitoring gaps.
- You are proficient in cloud technologies and are hands-on in at least one cloud platform: GCP, AWS, or Azure. You are able to both design and develop cloud-based automated security response playbooks and operate them in an automated fashion.
- Experience with SaaS applications and security vulnerabilities.
This role will be Remote and based in Ireland
What We Offer
There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.
Twilio thinks big. Do you?
We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.
So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!
If this role isn't what you're looking for, please consider other open positions.
Twilio is proud to be an equal opportunity employer. Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.