Senior Information Security Compliance Analyst

See more jobs from Twilio Inc

over 4 years old

This job is no longer active

Because you belong at Twilio

The Who, What, Why and Where

Who?

The Senior Information Security Compliance Analyst will be a key member of the Security Compliance Assurance program at Twilio focused primarily on engagement and compliance activities related to enhancing Twilio’s Compliance posture and supporting internal assessments and certification activities.

This individual will be responsible for working effectively with numerous cross-functional stakeholders across the company (Legal, Finance, IT, HR, Security, Product groups etc.) to engage on all aspects of control and process design, testing, implementation, monitoring, project management, documentation and remediation activities as needed.

Supporting ongoing certification assessments (including SOC2, GDPR, ISO 27001, FEDRAMP, PCI DSS 3.2 and others) will be a key component of the role.

The ideal candidate should be organized and extremely detailed orientated with broad knowledge of IT controls, compliance activities, project management and related best practice standards and methodologies. 

  • 3+ years of Compliance or Audit experience working with Industry regulations and standards (PCI, GDPR, ISO/IEC 27001, HIPAA, FEDRAMP). 
  • Minimum of 2 years of relevant FedRAMP Compliance working experience.
  • Familiarity with compliance and risk management frameworks, such as FedRAMP, SOC2, SOX, ISO/IEC 27001, PCI, GDPR, Cloud Computing Security Requirements Guide (SRG)
  • Experience and familiarity with cloud data security and working with public cloud solutions (AWS)
  • Demonstrate strong verbal and written communication skills as well as strong analytical and problem solving abilities
  • Strong ability to represent data in graphical form 
  • CISA, CISM, GIAC, CISSP or other Information Security related designation required 

What?

As a Senior Information Security Compliance Analyst, you will :  

  • Serve as a key member of the company’s Information Security Compliance program by supporting ongoing compliance activities and monitoring efforts across different regulations (GDPR, PCI, SOC 2, ISO/IEC, HIPAA, FedRAMP, etc.).
  • Create and maintain technical documentation related to FIPS 199, NIST SP 800-37, NIST SP 800-53 REV 4, FISMA A&A, and continuous monitoring, and POA&M management.
  • Support evidence collection, and documentation in support of internal and external audits.
  • Engage with subject matter experts in order to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures.
  • Manage timelines, project plans, status reports and statistics to ensure milestones, goals and commitments are met. 
  • Manage internal and external assessment against Twilio’s information systems, services, and teams. 
  • Review existing IT compliance controls for regulatory updates against FSSC, FFIEC, GLBA, and NIST frameworks.


Why?

This role will be play a very important part in helping to establish and mature the control environment at Twilio resulting in an enhanced Security Compliance posture, greater Customer Trust and increased revenue for the company. 

Twilio is a company that is empowering the world’s developers with modern communication in order to build better applications. Twilio is truly unique; we are a company committed to your growth, your learning, your development and your entire employee experience. We only win when our employees succeed and we're dedicated to helping you develop your strengths. We invest in weeks dedicated to tackling hard problems and creating your own ideas. We have a cultural foundation built on diversity, inclusion and innovation and we want you and your ideas to thrive at Twilio. 

Where?

This position cis located in our Denver office located at 1801 California St. Suite 500. You will enjoy our office perks: catered meals, snacks, game room, ergonomic desks, massages, Wednesday dinners, bi-weekly All Hands and more. What you will also get to experience is a company that believes in small teams for maximum impact; seeks well-rounded talent to ensure a full perspective on our Customers’ experience, understands that this is a marathon, not a sprint; that continuously and purposefully builds an inclusive culture where everyone is able to do and be the best version of themselves.

About us:

Millions of developers around the world have used Twilio to unlock the magic of communications to improve any human experience. Twilio has democratized communications channels like voice, text, chat, video and email by virtualizing the world’s communications infrastructure through APIs that are simple enough for any developer to use, yet robust enough to power the world’s most demanding applications. By making communications a part of every software developer’s toolkit, Twilio is enabling innovators across every industry — from emerging leaders to the world’s largest organizations — to reinvent how companies engage with their customers.

Twilio is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.