Security Engineer, Incident Response

See yourself at Twilio Join the team as our next Security Engineer, Incident Response Who we are & why we’re hiring Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences. Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a global company that actively opposes racism and all forms of oppression and bias. At Twilio, we support  diversity, equity & inclusion wherever we do business. About the job This position is needed to respond to all security events and incidents across Twilio’s global infrastructure, services and applications. The Security Incident Response Team (SIRT) supports Twilio’s mission of security and reliability by working across the organization to lead the response to security events and incidents across Twilio by effectively conducting triage, containment, remediation and driving post-incident betterments.  Responsibilities In this role, you’ll: Lead and support the response to all security events and incidents across Twilio’s complex global infrastructure, services and applications. Lead and support the triage, containment and remediation actions for security incidents and events by effectively partnering with Engineering teams to lead enterprise-wide response actions. Work to improve Twilio’s security and reliability posture by driving identified betterments from security events and incidents. Support large projects end-to-end that will improve Twilio’s Threat Detection and Response capabilities and initiatives. Qualifications  Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table! Required: 3+ years of experience in Cybersecurity with a focus on incident response, security engineering, and/or intrusion detection Experience with log analysis and forensic tools Experience with AWS, GCP, and vendor SaaS integrations Experience with Sumo Logic & Bigquery Experience with automation Schedule: ability to work non-standard, on-call rotation weekend and holiday hours Desired: Experience with SaaS application security and vulnerabilities  Experience developing playbooks, runbooks, troubleshoot technical issues, and recognize and identify patterns  Experience developing content or detection mechanisms in line with MITRE ATT&CK or STRIDE threat modeling framework Location  This role will be remote but is not eligible to be hired in San Francisco, CA, Oakland, CA, San Jose, CA, or the surrounding areas Approximately <5% travel is anticipated.  What We Offer There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location. Twilio thinks big. Do you? We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic . Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts. So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now! If this role isn't what you're looking for, please consider other open positions . The estimated pay ranges for this role are as follows: Based in Colorado: $99,000 - $124,000 Based in New York, Washington State or California (outside the San Francisco Bay Area): $105.000 - $131,000 This role may be eligible to participate in Twilio’s equity plan. All roles are eligible for the following benefits: health care insurance, 401(k) retirement account, paid sick time, paid personal time off, paid parental leave. The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location within the state.    Twilio is proud to be an equal opportunity employer.  Twilio is proud to be an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law. Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at  accommodation@twilio.com .