Senior Engineer, Security Incident Response

Summary

Join Twilio's Security Incident Response Team (SIRT) as a Senior Security Engineer, Incident Response. You will lead and support responses to security events and incidents across Twilio's global infrastructure. Responsibilities include owning the security incident lifecycle, improving Twilio's security posture, supporting large projects, and documenting incidents and projects. The role requires 5+ years of cybersecurity experience with a focus on incident response and specific technical skills. The position is remote and based in Canada, with occasional travel. Twilio offers competitive pay, generous time off, parental and wellness leave, healthcare, and a retirement savings program.

Requirements

• 5+ years of experience in Cybersecurity with a focus on incident response, digital forensics, security engineering, and/or intrusion detection
• Experience with log analysis and forensic tools
• Experience with AWS, GCP or other public cloud infrastructure platforms
• Experience with REST API, container and serverless security
• Expertise in solving complex production security issues
• Experience with Sumo Logic & Bigquery
• Experience with automation
• Communicate clearly and concisely, orally and in writing
• Desire to collaborate across teams on best practices to build, test and operate security incident response capabilities at scale
• Schedule: ability to work ‘non-standard’ hours, to overlap as needed with colleagues and stakeholders in other global locations, and with the potential for future on-call rotation, including weekend and holiday hours

Responsibilities

• Lead and support the response to all security events and incidents across Twilio’s complex global infrastructure, services and applications
• Own the security incident lifecycle, respond to incidents and participate in on-call rotation and participate in RCAs for security incidents
• Work to improve Twilio’s security and reliability posture by driving identified betterments from security events and incidents
• Support large projects end-to-end that will improve Twilio’s Threat Detection and Response (TDR) capabilities and initiatives
• Be responsible for documentation of incidents and projects you work on and craft best practices as runbooks and standard operating procedures to share knowledge across teams
• Rapidly acquire new technical skills and knowledge in a fast-paced, highly disruptive industry environment
• Understand security vulnerabilities, attacker exploit techniques, and methods for their remediation
• Execute on the vision and develop creative innovative approaches to accelerate threat response and remediation of security incidents

Preferred Qualifications

• Experience leveraging automation to improve operational security metrics and dashboards by identifying security response gaps in systems, services and processes and propose and deliver solutions to close security monitoring gaps
• You are proficient in cloud technologies and are hands-on in at least one cloud platform: GCP, AWS, or Azure. You are able to both design and develop cloud-based automated security response playbooks and operate them in an automated fashion
• Experience with SaaS application and security vulnerabilities

Benefits

• Competitive pay
• Generous time-off
• Ample parental and wellness leave
• Healthcare
• A retirement savings program