Analyst, Security Risk

Summary

Join Twilio as a Security Risk Analyst and contribute to the growth and maturity of risk practices within a dynamic organization. You will be responsible for managing the One Twilio Risk Management program, including establishing processes and operations for all areas of cyber risk. This role involves collaborating with cross-functional teams, reviewing risk mitigation strategies, preparing risk reports, and analyzing risk data to assess trends and develop predictive models. You will also coordinate with internal and external auditors, provide training on risk management, and participate in the development of risk management policies and frameworks.

Requirements

• 2+ years of Risk Management experience, working with security-centric risk management and compliance frameworks
• Experience implementing (building and operationalizing) an industry accepted risk framework including but not limited to NIST Risk Management Framework, COSO Enterprise Risk Management, or ISO 31000
• Ability to identify, analyze, and quantify risks from a technical perspective and experience implementing and operationalizing qualitative and quantitative risk analysis, including the performance, benefits, and when to use various types of analysis
• Proven track record of managing risk assessments, risk registers, and compliance programs
• Experience of working with technical security and Engineering / IT to implement technical risk/control solutions with the ability to interpret control requirements and relay those to different stakeholder groups with strong technical knowledge
• Biased towards automation and tooling to scale program impact and reach
• Excellent verbal, written, and interpersonal skills
• Flexible and able to manage multiple projects under tight deadlines
• Comfortable with ambiguity and adaptable to fast changing environments
• Strategic thinker and problem solver with exceptional communication skills

Responsibilities

• Manage the daily management and oversight of the One Twilio Risk Management program which includes establishing processes and operations for all areas of cyber risk
• Help create, manage, and maintain risk register(s) to track key risk indicators (KRIs) and ensure risks are identified, evaluated, and mitigated appropriately
• Collaborate with cross-functional teams to ensure proper control and risk mechanisms are in place
• Review and assess the effectiveness of risk mitigation strategies and recommend improvements
• Prepare and deliver regular risk reports, dashboards, and presentations to internal and external stakeholders, highlighting key risk trends, issues, and mitigation efforts
• Analyze risk data from various sources to assess trends and develop predictive models for potential risks
• Use data analytics and risk modeling tools to assess the financial, operational, and security impact of risks
• Develop ad-hoc reports and presentations as required to support risk decision-making
• Coordinate with internal and external auditors to support compliance assessments and resolve any risk-related findings
• Provide training to internal teams on risk management processes, controls, and best practices
• Participate in the development of risk management policies, procedures, and frameworks
• Work with the risk management and compliance teams to enhance organizational risk culture and awareness

Preferred Qualifications

• Bachelor’s degree in Risk Management, Business, Finance, Cybersecurity, or a related field
• Professional certifications (e.g., CRISC, CISA, CISSP, FRM) are a plus
• Strong analytical and problem-solving skills with the ability to interpret complex data and present actionable insights
• Excellent communication skills, with the ability to translate risk findings into clear, actionable recommendations for leadership
• Proficient with risk management software and tools (e.g., RSA Archer, MetricStream, ServiceNow)
• Experience with project management and working across multiple teams and departments
• Strategic Thinking: Ability to think critically about organizational risks and provide proactive recommendations
• Attention to Detail: Ensuring thorough risk assessments and accurate reporting
• Collaboration: Effectively working with internal and external stakeholders to mitigate risks
• Leadership: Ability to take ownership of projects and lead initiatives in risk management processes

Benefits

• There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more
• Offerings vary by location