Staff Engineer

Summary

Join Twilio as a Staff Security Engineer specializing in Insider Risk Programs, contributing to the Threat Detection and Response group. Investigate potential risks to Twilio and its workforce from internal and external actors. Collaborate with various stakeholders, including legal, HR, and end-users, to address findings. Conduct thorough investigations, interviews, and document results accurately. Produce high-quality reports for senior management. Develop and formalize runbooks and standard operating procedures to mitigate insider risk. Support the team with analytical and project tasks. This role offers a blend of in-office and remote work options in Canada.

Requirements

• 6+ years of hands-on cyber security investigations experience in law enforcement, counterintelligence, or private sector industry equivalent
• Experience with emerging cloud technology services and their effect on digital investigations
• Experience interviewing cyber risk actors in particular Insider risk actors and impacted individuals
• Knowledge of Insider risk/Data Loss Prevention programs, incident management and investigative programs
• Basic scripting and coding skills (Powershell, VBscript, Bash, Python, SQL, etc..)
• Excellent written and verbal communication skills
• Ability to influence and build effective working relationships with all levels of the organization
• Flexible to work additional hours during incidents and provide team support as needed

Responsibilities

• Collaborating and acting as a liaison between Insider risk analysts and End users, Legal, HR, other stakeholders to address findings
• Assess and investigate complex insider risk incidents and digital behaviours of concern, providing a thorough and mature investigative process from start to end
• Demonstrate an expert level of business acumen and employment legal considerations throughout the investigations
• Conduct sensitive interviews of persons of interest during insider risk investigations
• Examine the case summary provided by the Insider risk analysts and evaluate the appropriate course of action to mitigate the identified security concern within daily operations and incident reviews
• Document investigative results in an articulate manner to ensure accurate reporting, tracking and documentation of incidents and behaviors of concern through the entire lifecycle of the incident
• Produce high quality investigative reports, assessments and briefings for senior management and stakeholders
• Convey complex security issues to both technical and non-technical audiences with clarity and impact
• Collaborate closely with the Insider Risk Program Manager and cross-functional partners, including Employee Relations, Employment Legal, and HR, to develop and formalize comprehensive runbooks and standard operating procedures that proactively address and mitigate insider risk
• Capable of undertaking analytical and project tasks to support the team as needed

Preferred Qualifications

Experience with cyber security tools, UEBA/DLP/SIEM/SOAR is a plus

Benefits

• Generous time-off
• Ample parental and wellness leave
• Healthcare
• A retirement savings program