developer-apis enterprise-software telephony
San Francisco, CA, US

Sr. Security Engineer - Monitoring and Incident Response


 About the job:

  • This is a Senior Security Engineer role, reporting to the Manager of Security Monitoring and Incident Response, focused on leading the development of capabilities to detect and defend the Twilio Enterprise, Twilio Customers and the Twilio Platform.
  • Successful candidates will have strong backgrounds in the following areas:
    • Systems Engineering Principles
    • Offensive and Defensive Tactics and Techniques
    • Network and Host Security Principles
    • Analytical Thinking
    • Tool Development
    • Documentation
    • Vulnerability Identification, Triage and Management


  • Be part of a small, agile, high-impact and multi-talented Security team in San Francisco.
  • Use data that we have or Seek out new data and develop visualizations, alerts, and triage
  • Develop tooling and process at scale
  • Drive the technologies and policies needed to secure all facets of Twilio.
  • Coordinate with our Product Security, Corporate Security and Cloud Operations on a regular basis to drive security-posture requirements and improvements.
  • Excel as an engineer and be a productive member of the team where leadership is a behavioral trait, not a title.



  1. Security monitoring program: You are able to build out and run a successful security-monitoring capability for a cloud or enterprise environment, complete with repeatable processes and periodic tuning.  You are able to identify and detect the abnormal with the goal of defending the enterprise.
  2. Vulnerability management program: You are able to develop tooling that will assist in identifying vulnerabilities and their potential impact to the Twilio platform. We encourage internal white-hat hacking as a way to continuously improve our security posture.
  3. Security-incident response: You stay cool, calm and collected when managing security incidents. You are able to identify security issues, perform triage and response. You are able to provide timely, clear and concise guidance in the heat of the moment. You have participated in forensically sound investigations, and you have experience responding to a wide range of security threats.
  4. Cloud: You are proficient in cloud-security technologies, have in-depth experience with and can articulate knowledge of IaaS primitives.  You currently operate in a cloud-based environment.
  5. Tools: You have experience building and maintaining custom tools, scripts and applications to assist in the security incident-response process and vulnerability identification.  You have experience selecting and implementing off-the-shelf products as well.
  6. Security awareness: You maintain a current awareness of common attack vectors for networks , hosts and software. Educating internal engineers on best practices for cloud-infrastructure security, enterprise security and application security.   
  7. Documentation: You take pride in your ability to document what you do. If it is not documented, it is not measured.

Bonus points:

  • You understand what we mean by “Kill Chain” or “The Incident Response Hierarchy of Needs”
  • Big Data, Small Data it is all the same to you!!
  • You understand and can articulate knowledge of AWS primitives and their behaviors on the network.
  • You have a background in hands-on software engineering following agile software development practices. You're not necessarily a software engineer today, but you've written code before.


About us:

Twilio's mission is to fuel the future of communications. Developers and businesses use Twilio to make communications relevant and contextual by embedding messaging, voice and video capabilities directly into their software applications. Founded in 2008, Twilio has over 650 employees, with headquarters in San Francisco and other offices in Bogotá, Dublin, Hong Kong, London, Madrid, Mountain View, Munich, New York City, Singapore and Tallinn.

Twilio is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status and operate in compliance with the San Francisco Fair Chance Ordinance. #LI-POST

Work with this stack