Security Engineer - Bogotá, Colombia - Remotework
Descripción
Security Engineer - Vulnerability ManagementTwilio
Connect with customers on their preferred channels—anywhere in the world. Quickly integrate powerful communication APIs to start building solutions for SMS and WhatsApp messaging, voice, video, and email.
View company page
Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia and Australia.
We're on a journey to becoming a global company that actively opposes racism and all forms of oppression and bias.
At Twilio, we support diversity, equity & inclusionwherever we do business.
About the job
Twilio is currently seeking a proficient Security Engineer to be an integral part of our dynamic Threat and Vulnerability Management team.
This role is pivotal in reducing risks for both Twilio and its clients by efficiently managing vulnerabilities within our systems and products.
The ideal candidate for this role should be an exceptional individual contributor, embodyingthe Twilio Magic . and possessing deep expertise in managing security vulnerabilities.This candidate will have the opportunity to work across the enterprise, collaborating with all business units, including Business information Security Officers (BISOs), Threat Detection & Response, Threat Intelligence, Security Architects, and Security Engineers, among others.
Their role will be to help identify threats and vulnerabilities, prioritize and analyze them, and assist in reporting and supporting remediation efforts.
Reporting to the Head of Threat and Vulnerability Management, this position is crucial in maintaining and communicating Twilio's risk posture to the management team.
ResponsibilitiesIn this role, you'll:
Manage Vulnerability Management infrastructure in our production environment for commercial & government environments.
Leverage vulnerability scanning tools to perform vulnerability management scans on a regular cadence.
Perform analysis of scan results and determine criticality ratings for vulnerabilities impacting all production environments.
As vulnerabilities are surfaced through penetration tests, news, and other reporting, map findings to Twilio's environment to determine risk and outcomes.
Collaborate with key stakeholders on remediation strategies, provide guidance, and follow through closure.Report on and track all open vulnerabilities and key metrics around time to completion.
Identify potential for and implement automation between scanning and reporting tools.
Qualifications
Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having "desired" qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply.
If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio.
We are always looking for people who will bring something new to the tableRequired:You have 3+ years of professional experience in information security, with a focus on vulnerability management.
Strong understanding of security vulnerabilities, threat landscapes, and mitigation techniques.
Experience with vulnerability scanning tools and techniques.
Proficiency in scripting or programming languages (e.g., Python, Bash, etc.) for automation of security tasks.
Excellent problem-solving skills and ability to work under pressure.
Flexible and able to manage multiple projects under tight deadlines.
Comfortable with ambiguity and adaptable to fast changing environmentsStrong communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical audiences.
Relevant security certifications (e.g., CISSP, CEH, OSCP) are a plus.Experience operating in a production cloud
environment, with expertise in at least one of: server, network, cloud, database; AWS admin and configuration management skills preferred.
Familiarity with regulatory compliance standards and risk frameworks, including GDPR, HIPAA, SOC 2, ISO 27001 & ISO 27002, and NIST & NIST CFS is a plusLocationThis role will be Remote and based in Colombia.
What We Offer
There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more.
Twilio thinks big. Do you?
We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic . Additionally, we empower employees to build positive change in their communities
by supporting their volunteering and donation efforts.
So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply nowTwilio is proud to be an equal opportunity employer.
Twilio is proud to be an Equal Employment Opportunityand Affirmative Actionemployer.We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics.
We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures.
If you need assistance or an accommodation due to a disability,pleasecontact us .Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.