Twilio logo
Twilio

Twilio is a Platform-as-a-Service (PaaS) company established in 2007. In support of a flexible workplace, Twilio has previously posted freelance, flexible sched

Security Engineer, Incident Response

Location

United Kingdom

Posted

1 day ago

Salary

0

Seniority

Senior

Bachelor Degree3 yrs expEnglishAWSCloudGoogle Cloud Platform

Job Description

Security Engineer, Incident Response

Twilio

• Lead and support the response to all security events and incidents across Twilio’s complex global infrastructure, services and applications. • Be responsible for documentation of incidents and projects you work on and craft best practices as runbooks and standard operating procedures to share knowledge across teams. • Work cross-collaboratively to understand and help solve challenges related to a broad spectrum of threat actors and activity. • Work to improve Twilio’s security and reliability posture by driving identified betterments from security events and incidents. • Rapidly acquire new technical skills and knowledge in a fast-paced, highly disruptive industry environment. • Own the security incident lifecycle, respond to incidents and participate in on-call rotation and participate in RCAs for security incidents. • Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team’s work. • Provide mentorship, support, and care for the team in a way that enables long-term career development, happiness, and success at scale.

Job Requirements

  • Proven experience: 3+ years of security incident response in a production-cloud environment
  • Subject-matter expert on security issues and technologies
  • Ability to utilize AI for comprehensive, complex security incident response activities delivering high fidelity detections
  • Advanced knowledge of service-oriented architectures, as well as experience with security tools and technologies fit for a cloud environment
  • Experience working across a technology stack on difficult security challenges and initiatives
  • Experience with SIEM platforms and the ability to extend their functionality
  • Experience with SOAR tools and automating manual security processes
  • Experience in either AWS, GCP, or other large cloud platform
  • Excellent written and verbal communication skills
  • Ability to influence and build effective working relationships with every level of the organization.

Benefits

  • Competitive pay
  • Generous time off
  • Ample parental and wellness leave
  • Healthcare
  • A retirement savings program
  • Professional development opportunities
  • Travel opportunities for project or team in-person meetings

Related Categories

Related Job Pages

More Security Operations Jobs

GitLab logo

Senior Security Engineer, Security Incident Response Team

GitLab

GitLab, founded in 2011 and based in San Francisco, California, maintains a distributed team of professionals that work remotely across multiple continents. Git

• Lead and coordinate end-to-end incident response for high-severity security events within a 24/7 global on-call model, with this role operating during EMEA business hours • Prepare clear executive communications that keep stakeholders informed during incidents • Investigate complex security incidents across cloud environments, applying strong Digital Forensics and Incident Response (DFIR) methodologies • Partnering with Signals Engineering to design and implement detection capabilities, including SIEM use cases, alerting strategies, and telemetry pipelines • Build and enhance automation and AI-assisted workflows to improve triage, investigation speed, and response consistency • Partner with Threat Intelligence to contextualize threats and improve detection coverage • Conduct root cause analysis (RCA) and lead post-incident reviews to drive continuous improvement and risk reduction • Develop and maintain runbooks, playbooks, and operational documentation • Collaborate cross-functionally (Engineering, Infrastructure, Legal, Product, Communications, etc) during incidents and lead proactive initiatives (e.g. tabletops) • Mentor other engineers and help elevate the team’s overall incident response maturity

Europe
Full TimeRemoteTeam 10,001+H1B Sponsor

Role Description Fortinet is seeking a dynamic and results-oriented individual to join our team as a SECOPS Business Development Manager. In this role, you will be responsible for driving business growth and expanding our market presence in the Security Operations (SECOPS) sector. You will play a pivotal role in identifying new business opportunities, building strategic partnerships, and driving revenue growth through effective sales strategies. - Develop and execute strategic plans to drive business growth in the SECOPS sector, leveraging Fortinet's industry-leading cybersecurity solutions. - Identify and cultivate relationships with key decision-makers, influencers, and stakeholders in target organizations. - Collaborate with cross-functional teams including sales and Pre-Sales, marketing and Channel to develop and execute Go-to-Market strategies. - Drive SecOps sales opportunities together with Sales and Pre-Sales through the entire sales cycle, from lead generation to closing deals. - Conduct market research and analysis to identify emerging trends, competitive landscape, and customer needs. - Provide input to product development teams based on market feedback and customer requirements. - Educate Sales Teams on positioning of the Fortinet offering. - Meet and exceed sales targets, revenue goals, and other key performance metrics. - Represent Fortinet at industry events, conferences, and seminars to showcase our SECOPS solutions and thought leadership. Qualifications - Bachelor's degree in Business Administration, Marketing, Computer Science, or related field. MBA is a plus. - Proven track record of success in business development, sales, or account management roles within the cybersecurity industry, with a focus on SECOPS solutions. - Strong understanding of Security Operations Center (SOC) environments, security incident response, threat detection, and remediation. - Excellent communication, presentation, and negotiation skills. Ability to articulate complex technical concepts to both technical and non-technical audiences. - Self-motivated, proactive, and results-driven with the ability to work effectively in a fast-paced, dynamic environment. - Strong analytical skills with the ability to analyze market trends, customer data, and sales performance metrics. - Experience working with channel partners, resellers, and distributors is a plus. - Willingness to travel as needed. Benefits - Opportunity to work for a global leader in cybersecurity with a strong reputation for innovation and excellence. - Competitive compensation package including base salary, commission, and benefits. - Career growth opportunities in a dynamic and fast-growing industry. - Collaborative and inclusive work environment with a focus on teamwork and professional development. Company Description Fortinet is a global leader in high-performance cybersecurity solutions. With a mission to secure People, Devices and Data everywhere, Fortinet offers a comprehensive suite of products and services to protect businesses of all sizes.

DACH
Full TimeRemoteTeam 10,001+H1B Sponsor

• Review and respond to security events • Investigate to root cause with multiple internal organizations • Mentor junior analysts and support onboarding of new team members • Document existing processes for handling security escalations • Support Incident Response containment and eradication activities • Develop relationships with multiple Security and IT teams

United States
$125K - $145K / year

Role Description CertifyOS is looking for a versatile IT Systems & Security Operations Specialist to bridge the gap between technical infrastructure management and security compliance. This mid-senior role is designed for a technical "all-rounder" who can manage L1 helpdesk escalations, lead complex system configurations, and ensure our organization remains audit-ready. As a critical member of our global infrastructure team, you will move beyond standard ticket resolution to focus on system improvement, automation, and advanced security governance. Work Timing: Rotational shifts (Including Night Shifts) Key Responsibilities - Advanced Systems Configuration & Improvement - Lead senior-level configuration and optimization of core SaaS platforms, including Google Workspace, JumpCloud (Identity Management), and Slack. - Architect and maintain Single Sign-On (SSO) integrations and Identity and Access Management (IAM) policies across all enterprise tooling. - Proactively identify bottlenecks in our current IT stack and implement technical solutions to enhance performance and user experience. - Security Operations & Compliance Audits - Proactively improving IT, Cloud, and Data security frameworks to mitigate risks. - Conduct regular, comprehensive audits of user permissions and system logs to ensure compliance with the principle of least privilege. - Conducting regular user access audits and monitoring security dashboards to lead technical vulnerability remediation. - Monitor security dashboards (EDR/MDM) and lead the technical remediation of identified vulnerabilities across the endpoint fleet. - IT Operations, Lifecycle Management & Support - Serve as the primary senior technical resource for L1 Helpdesk analysts, resolving complex escalations that require deeper system access. - Manage the full employee lifecycle, including ownership of end-to-end onboarding, offboarding, and asset retrieval processes, coordinating seamlessly with stakeholders. - Security, Compliance & Client Due Diligence - Lead responses to customer security questionnaires, RFPs, and TPRA/vendor security reviews, ensuring consistency and accuracy. - Serve as a key point of contact for client-facing security and compliance inquiries during due diligence processes. - Support the Security team in collecting and organizing evidence for SOC 2, HIPAA, and HITRUST audit readiness. - Process Automation - Design and implement automation scripts (Python/Bash) or low-code workflows to streamline repetitive IT tasks. - Continuously improve the automated provisioning process to ensure new hires are fully productive within their first 24 hours. - Performance, Reporting & OKRs - Own and maintain weekly and monthly IT/Security OKRs, including tracking progress, reporting metrics, and taking full initiative ownership. Qualifications - 5–8 years of progressive experience in IT Operations and Security. - Advanced knowledge of Google Workspace administration, JumpCloud (or similar IDP/MDM), and GCP IAM. - Deep experience in security frameworks (HIPAA/HITRUST/SOC 2), including hands-on experience supporting and maintaining SOC 2 audits. - Deep hands-on experience supporting and maintaining SOC 2 compliance/audit readiness. - Practical experience with scripting languages (Python) or automation tools to drive operational efficiency. - Must be comfortable working in a rotational shift environment, including night shifts, to support our global 24/7 operations. Preferred Qualifications - Relevant certifications (e.g., CompTIA Security+, Google Professional Workspace Administrator). - Previous experience in a high-growth startup or the healthcare technology industry. - Strong communication skills with the ability to report technical progress directly to executive leadership. Benefits - 100% coverage of health, dental, and vision insurance premiums for employees. - Unlimited PTO, with at least two weeks off each year to recharge for US-based team members. - Health insurance, statutory leave benefits, and additional wellness (menstrual) leave for women in India. - Commitment to building an inclusive environment where everyone feels valued and empowered. - Reasonable accommodations during the application process available upon request. - Commitment to pay transparency and fostering an open culture where compensation conversations are encouraged and respected.

India