• Drive security projects that facilitate the business function and protect our customers, brand, & employees. • Stay apprised of security trends and incidents to prevent similar occurrences by reviewing and implementing security controls based on lessons learned. • Perform security reviews of infrastructure and product features ensuring high standards. • Assist with updating policies and procedures in order to maintain our high security standards at Tines. • Scale our detection and response capabilities across our environment and systems. • Track and drive vulnerability remediation across production and corporate environments, partnering with engineering, infrastructure, and security teams to ensure timely resolution. • Assist with security training and ensuring our employees are up to date on the latest security threats. • Act as an escalation point for automated detections that are raised for human review. • Proactively hunt for threats across our environment. • Perform regular on-call duties, including incident commander responsibilities during security incidents. • Ensure security controls are deployed and tested across cloud environments and corporate endpoints. • Automate as much of this as possible using Tines!

• Monitor a variety of data sources including internal access control systems, external incident aggregators, travel safety applications, and general open source reporting materials • Serve as the primary contact for employees with physical safety and security questions or concerns • Dispatch security resources, escalate to crisis management teams, send broad communications to Twilio employees, or execute a mass notification to account for employee safety • Maintain a broad situational awareness over internal and external physical events that could impact employee safety or pose a threat to business assets or operations

• Collaborates with the CSO Team to support the development, maintenance, and implementation of security standards. • Partner with IT to support the secure implementation of access controls and identity management • Participate in and contribute to initiatives for operating system, Docker images, Kubernetes/GKE and configuration hardening in the public cloud • Support the execution of vulnerability and patch management programs, including tracking remediation efforts. • Work with engineering teams to communicate remediation steps required for vulnerabilities identified through scans or penetration tests. • Support IT, Legal, Finance, Insurance Operations, External Examiners, and business areas during compliance exams. • Assist with the day-to-day operations of security scanning and web penetration testing tools • Support the implementation of security monitoring measures to secure the production environment • Contribute to regular metrics and reporting on the state of the environment • Identify and surface opportunities to improve security tooling, processes, and best practices.

• Full cycle of investigation and coordination in response to security or workflow breaches; • Direct contact and communication with Clients and stakeholders in the event of a Data Breach; • Performing Root Cause Analysis, developing preventive measures, and preparing reports for top management; • Analyzing Client's operational workflows based on incident trends to identify potential threats to the company and developing proactive security optimization recommendations; • Evaluating the security of software, platforms, and third-party services. • Assessing new hiring locations regarding data protection standards and security tool feasibility. • Developing incident management procedures and maintaining the internal knowledge base.