Job Application for Application Security Architect at Twilio

Apply on company website

About us:

• Twilio is migrating the communications industry from its 150-year-old legacy in hardware to its future in software. With our cloud communications platform, we fundamentally change how businesses build solutions for their communications needs.
• Twilio has virtualized the entire telecommunications infrastructure stack into a set of streamlined cloud APIs, introducing agility, global reach and cost savings of flexible, multi-tenant cloud software to the traditionally expensive and slow moving field of telecommunications.
• Hundreds of thousands of developers have incorporated Twilio into their companies and products, deploying everything from complete call centers to work scheduling applications, from mobile marketing and lead management to tools that improve customer security.
• Our customers are the innovators you recognize and respect, from start-ups like Uber, Box and Airbnb, to the agile enterprises including Coca-Cola, the Home Depot, Alaska Airlines, Walmart and more.
• Come help us transform this 1.3 trillion dollar industry with the power and flexibility of software.

About the job:

• Twilio is growing exponentially and we are looking for a security engineer to develop a security roadmap, establish organization-wide practices and work with our engineering team and customers to evolve Twilio's security posture.  
• We are looking for a Security Architect who is interested in securing the next generation of platform systems to support global distribution of Twilio Services.  
• You will receive exposure to the unique set of challenges that come from scaling a global service that has to run at 100% availability. You will identify and build expertise on what it means to operate securely on and as a cloud service.
• The ability to work across multiple parts of the organization is essential for this role, you should excel at talking with engineers and business teams about their posture as well as what steps must be taken to improve it. You should also excel in different areas of security with a strong emphasis on application security and operations security. The ability to convey and evangelize security needs should also extend to conversations with customers and prospects periodically.

Responsibilities: 

• Work on the Twilio Secruity team to evangelize and educate on security and our approaches to it.
• Identify risk and vulnerabilities in our organization then work to mitigate these through systems and repeatable automated practices.
• Work with product management on prioritization and with engineering teams on technical approaches to improve or fix security issues.
• Twilio provides hosted carrier-class phone and messaging services and our customer must have confidence in our approaches to security. You will need to convey complex security problems in terms that security professionals and our customers can easily understand.  
• Take personal responsibility for the security of the Twilio platform, always aiming to improve our readiness against threats. 

Requirements:

• Bachelor degree and 6 to 10 years' Information Security experience, including the development and implementation of Security Architecture programs
• Knowledge of security standard frameworks such as ISO and NIST
• Knowledge of security standards in the following areas: Secure architecture for applications and threat modeling, Unix operating systems, network, firewall, database, wireless, PKI, and encryption.
• Demonstrated experience in the design and assessment of application and mobile secure coding programs
• Demonstrated experience with security architecture design requirements in a regulated environment – SOX, PCI-DSS, Federal and State Privacy Laws
• Knowledge of Identity and Access Management technologies such as Directory Services, Authentication/Authorization, Provisioning, Single Sign On, and Federation
• Demonstrated experience in the development and implementation of security architecture requirements in third party connectivity hosting environment
• Knowledge of securing BYOD environments – including Mobile Device Management
• Excellent communication skills (written/oral)
• Ability to collaborate with the IT & business area professionals.
• Demonstrated skill in managing multiple tasks and projects simultaneously

Bonus points:

• Industry security certifications including CISSP, CCSP, CISM, CEH
• PCI/QSA Training
• The ability to approach technical challenges from a risk management perspective .

Perks:

• Competitive benefits, including medical, dental, vision, 401k and life insurance.
• An Amazon Kindle, $30/month to spend on books and a Twilio track jacket after demoing your first Twilio app in front of the company!
• Pre-tax commuter benefits.
• Catered lunches and a weekly team dinner featuring invited technology and entrepreneurial speakers.
• Excellent gear (we ❤ Apple computers and big monitors — two if you need 'em).
• A strong belief in life/work balance.

*LI-AB1

--

Twilio is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status and operate in compliance with the San Francisco Fair Chance Ordinance.