About Twilio and Why You Should Work with Them

Who we are 

At Twilio, we’re shaping the future of communications, all from the comfort of our homes. We deliver innovative solutions to hundreds of thousands of businesses and empower millions of developers worldwide to craft personalised customer experiences.

Our dedication to remote-first work and strong culture of connection and global inclusion means that no matter your location, you’re part of a vibrant team with diverse experiences making a global impact each day. As we continue to revolutionise how the world interacts, we’re acquiring new skills and experiences that make work feel truly rewarding. Your career at Twilio is in your hands.

See yourself at Twilio

We are seeking a security practitioner capable of being hands-on with a developer-first mentality and passionate about developing and growing others to become effective security practitioners.

About the job

The Staff Security Enablement Analyst will be responsible for developing, implementing, measuring, and managing processes to enhance security enablement across Twilio. This role is critical in fostering a security-first culture by engaging, training, and empowering Twilio employees to act as security practitioners to support and up-level Twilio’s security posture.

Responsibilities

In this role, you’ll:

• Design and implement the Security Champions Program, including establishing OKRs, defining roles, and defining processes to monitor the efficacy of the Security Champions Program.
• Create a comprehensive framework for identifying, recruiting, and retaining influential Security Champions from various teams across Twilio.
• Organise and lead regular meetings, forums, and events to foster collaboration and knowledge sharing among Security Champions.
• Develop and maintain program documentation, guidelines, and best practices with a strong technical focus, while maintaining usability.
• Curate and deliver live training material to meet specific educational needs across Twilio teams.
• Act as a liaison and advocate between Twilions and security, assisting with the rollout of security tools and processes that require collaboration and acting as a channel of communication to surface bi-directional feedback.
• Collaborate with the Learning and Development teams to integrate and enhance security training into existing learning platforms.
•  Work closely with other security teams to identify opportunities to expand security offerings across Twilio.

Qualifications 

Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply. If your career is just starting or hasn’t followed a traditional path, don’t let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• Bachelor’s degree in Computer Science, Software Engineering, Information Systems, or a related field. Master’s degree preferred.
• 7+ years of experience in information security, cybersecurity, software development, or a related technical field.
• Prior experience coordinating or contributing to a Security Champions or equivalent program.
• Strong knowledge of security principles, practices, and frameworks (e.g., ISO 27001, NIST, CIS).
• Excellent communication, presentation, and interpersonal skills, with the ability to convey security concepts to non-technical audiences.
• Ability to anticipate the needs of the program to drive long-term maturity of the Security Champions Program
• Ability to work collaboratively with cross-functional teams and build strong relationships.

Desired:

• Proven experience in program management, technical training, and employee engagement.
• Experience with secure coding practices, application security, secure design, and threat modelling.
• Understanding of security frameworks, including OWASP, and applicability in software development.
• Analytical Skills: Ability to assess program performance and identify areas for improvement
• Certification in information security (e.g., CISSP, CISM, CEH) or relevant technical certifications (e.g., CSSLP, OSCP) is a plus.

Location

• This role will be remote, and based in British Columbia, Alberta or Ontario

Travel 

We prioritise connection and opportunities to build relationships with our customers and each other. For this role, you may be required to travel occasionally to help you connect in person in a meaningful way.

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

BRITISH COLUMBIA ONLY Other Notes: additional total compensation information

The estimated pay ranges for this role are as follows:

• Based in British Columbia. : CAD 118,200.00 – CAD 147,700.00

2. Staff, Application Security Engineer Remote – Alberta, Canada

Join the team as Twilio’s next Staff Application Security Engineer.

About the job

The Cloud and Application Security team enables the delivery of secure-by-default products to reduce our attack surface against an evolving threat landscape.

This position is needed to enhance Twilio’s Application Security capabilities to improve visibility, reduce vulnerabilities and foster secure engineering practices. This role is going to provide thought leadership and help build key aspects of the program in partnership with different InfoSec and Engineering teams.

Responsibilities

In this role, you’ll:

• Lead Application Security initiatives across different teams to design, build and implement security best practices
• Implement and enhance security automation within CI/CD pipelines
• Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
• Develop and maintain secure coding guidelines and security training for Engineers
• Investigate security vulnerabilities and support incident response as needed
• Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

Qualifications 

Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply. If your career is just starting or hasn’t followed a traditional path, don’t let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• 8+ years of experience in application security, secure software development, or related fields.
• Hands-on experience with SAST, SCA, DAST, Secrets, API Security solutions
• Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
• Strong knowledge of OWASP Top 10s and modern attack vectors
• Proficiency in at least one programming language (Python, Go, Java, TypeScript)
• Excellent communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders at different levels

Desired:

• Application Security certifications (OSCP, GWAPT, GCPN, etc)
• Experience with Threat Modelling

Location

This role will be remote and located in Alberta, Ontario or British Columbia, Canada.

Travel

We prioritise connection and opportunities to build relationships with our customers and each other. For this role, you may be required to travel occasionally to participate in project or team in-person meetings.

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

The estimated pay ranges for this role are as follows:

• Based in British Columbia: $143,000 – $178,000 CAD

3. Staff Engineer, Insider Risk Program Remote – Alberta, Canada

Join the team as our next  Staff Security Engineer – Insider Risk Program

About the job

We are seeking a staff security engineer who will work within the Twilio Threat Detection and Response group [TDR]. The Cyber Insider Risk Investigations Specialist will be responsible for investigating potential risks against Twilio and its workforce from internal and external actors. This is a technical role that supports technical incidents.

Responsibilities

In this role, you’ll:

• Collaborating and acting as a liaison between Insider risk analysts and End users, Legal, HR, and other stakeholders to address findings.
• Assess and investigate complex insider risk incidents and digital behaviours of concern, providing a thorough and mature investigative process from start to end.
• Demonstrate an expert level of business acumen and employment legal considerations throughout the investigations.
• Conduct sensitive interviews of persons of interest during insider risk investigations.
• Examine the case summary provided by the Insider risk analysts and evaluate the appropriate course of action to mitigate the identified security concern within daily operations and incident reviews.
• Document investigative results in an articulate manner to ensure accurate reporting, tracking and documentation of incidents and behaviours of concern through the entire lifecycle of the incident.
• Produce high-quality investigative reports, assessments and briefings for senior management and stakeholders.
• Convey complex security issues to both technical and non-technical audiences with clarity and impact.
• Collaborate closely with the Insider Risk Program Manager and cross-functional partners, including Employee Relations, Employment Legal, and HR, to develop and formalise comprehensive runbooks and standard operating procedures that proactively address and mitigate insider risk.
• Capable of undertaking analytical and project tasks to support the team as needed.

Qualifications 

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications makes for a strong candidate, we encourage applicants with alternative experiences to also apply.

If your career is just starting or hasn’t followed a traditional path, don’t let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• 6+ years of hands-on cyber security investigations experience in law enforcement, counterintelligence, or private sector industry equivalent.
• Experience with emerging cloud technology services and their effect on digital investigations.
• Experience interviewing cyber risk actors, in particular Insider risk actors, and impacted individuals.
• Knowledge of Insider risk/Data Loss Prevention programs, incident management and investigative programs.
• Experience with cybersecurity tools, UEBA/DLP/SIEM/SOAR is a plus.
• Basic scripting and coding skills (Powershell, VBscript, Bash, Python, SQL, etc..)
• Excellent written and verbal communication skills.
• Ability to influence and build effective working relationships with all levels of the organisation.
• Flexible to work additional hours during incidents and provide team support as needed

Location:

This role will be in-office or remote. Canada

What We Offer

Working at Twilio offers many benefits, including competitive pay, generous time off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

The estimated pay ranges for this role are as follows:

• Based in British Columbia. : CAD $118,200.00 – CAD$ 147,700.00

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location.

If you need more jobs, kindly visit https://www.twilio.com/en-us/company/jobs