Because you belong at Twilio
The Who, What, Why and Where
The Senior Information Security Compliance Engagement Analyst will be a key member of the Security Compliance Assurance program at Twilio focused primarily on engagement and compliance activities related to enhancing Twilio’s Compliance posture and supporting internal assessments and certification activities.
This individual will be responsible for working effectively with numerous cross-functional stakeholders across the company (Legal, Finance, IT, HR, Security, Product groups etc.) to engage on all aspects of control and process design, testing, implementation, monitoring, project management, documentation and remediation activities as needed.
Supporting ongoing certification assessments (including SOC2, GDPR, ISO 27001, FEDRAMP, PCI DSS 3.2 and others) will be a key component of the role.
The ideal candidate should be organized and extremely detailed orientated with broad knowledge of IT controls, compliance activities, project management and related best practice standards and methodologies.
- 3+ years of Compliance or Audit experience working with Industry regulations and standards (PCI, GDPR, ISO/IEC 27001, HIPAA, FEDRAMP).
- Minimum of 2 years of relevant FedRAMP Compliance working experience.
- Familiarity with compliance and risk management frameworks, such as FedRAMP, SOC2, SOX, ISO/IEC 27001, PCI, GDPR, Cloud Computing Security Requirements Guide (SRG)
- Experience and familiarity with cloud data security and working with public cloud solutions (AWS)
- Demonstrate strong verbal and written communication skills as well as strong analytical and problem solving abilities
- Strong ability to represent data in graphical form
- CISA, CISM, GIAC, CISSP or other Information Security related designation required
As a Senior Information Security Compliance Engagement Analyst, you will :
- Serve as a key member of the company’s Information Security Compliance Engagement program by supporting ongoing compliance activities and monitoring efforts across different regulations (GDPR, PCI, SOC 2, ISO/IEC, HIPAA, FedRAMP, etc.).
- Create and maintain technical documentation related to FIPS 199, NIST SP 800-37, NIST SP 800-53 REV 4, FISMA A&A, and continuous monitoring, and POA&M management.
- Support evidence collection, and documentation in support of internal and external audits.
- Engage with subject matter experts in order to develop, edit, and revise documentation including standard operating procedures, system security plans, and policies and procedures.
- Manage timelines, project plans, status reports and statistics to ensure milestones, goals and commitments are met.
- Manage internal and external assessment against Twilio’s information systems, services, and teams.
- Review existing IT compliance controls for regulatory updates against FSSC, FFIEC, GLBA, and NIST frameworks.
This role will be play a very important part in helping to establish and mature the control environment at Twilio resulting in an enhanced Security Compliance posture, greater Customer Trust and increased revenue for the company.
Twilio is a company that is empowering the world’s developers with modern communication in order to build better applications. Twilio is truly unique; we are a company committed to your growth, your learning, your development and your entire employee experience. We only win when our employees succeed and we're dedicated to helping you develop your strengths. We invest in weeks dedicated to tackling hard problems and creating your own ideas. We have a cultural foundation built on diversity, inclusion and innovation and we want you and your ideas to thrive at Twilio.
This position cis located in our Denver office located at 1801 California St. Suite 500. You will enjoy our office perks: catered meals, snacks, game room, ergonomic desks, massages, Wednesday dinners, bi-weekly All Hands and more. What you will also get to experience is a company that believes in small teams for maximum impact; seeks well-rounded talent to ensure a full perspective on our Customers’ experience, understands that this is a marathon, not a sprint; that continuously and purposefully builds an inclusive culture where everyone is able to do and be the best version of themselves.
Millions of developers around the world have used Twilio to unlock the magic of communications to improve any human experience. Twilio has democratized communications channels like voice, text, chat, video and email by virtualizing the world’s communications infrastructure through APIs that are simple enough for any developer to use, yet robust enough to power the world’s most demanding applications. By making communications a part of every software developer’s toolkit, Twilio is enabling innovators across every industry — from emerging leaders to the world’s largest organizations — to reinvent how companies engage with their customers.
Twilio's mission is to fuel the future of communications. Developers and businesses use Twilio to make communications relevant and contextual by embedding messaging, voice, and video capabilities directly into their software applications. Founded in 2008, Twilio has over 800 employees, with headquarters in San Francisco and other offices in Bogotá, Dublin, Hong Kong, London, Madrid, Malmö, Mountain View, Munich, New York City, Singapore and Tallinn.