Third Party Risk Analyst 2

Who we are

At Twilio, we’re shaping the future of communications, all from the comfort of our homes. We deliver innovative solutions tohundreds of thousands of businessesand empower millions of developers worldwide to craft personalized customer experiences.

Our dedication to remote-first work, and strong culture of connection and global inclusion means that no matter your location, you’re part of a vibrant team with diverse experiences making a global impact each day. As we continue to revolutionize how the world interacts, we’re acquiring new skills and experiences that make work feel truly rewarding. Your career at Twilio is in your hands.

See yourself at Twilio

Join the team as Twilio’s next Third Party Risk Analyst 2

About the job

The Security Risk Analyst will be a key member of the Security Risk Management program at Twilio, focused on maturing our Security risk posture by preparing internal stakeholders for certification activities. The team works closely with our Product and Engineering teams to ensure all areas of cyber risk are identified across Twilio and that risk methodologies are operationally effective and in compliance with regulations and industry best practice security measures (e.g. COSO, ISO 31000). This role provides an exciting opportunity for professionals who are passionate about risk management and ready to contribute to the continued growth and maturity of risk practices within a dynamic organization like Twilio.

Responsibilities

In this role, you’ll:

• Conduct security risk assessments for third party vendors, service providers, and telecom carriers to evaluate their security controls and compliance.
• Identify and report third party security vulnerabilities and recommend mitigation strategies.
• Experience reviewing industry certifications and compliance reports such as PCI-DSS, SOC 2, and ISO 27001.
• Assist in the development and implementation of third party security risk management frameworks.
• Monitor and report on security incidents related to third party engagements, providing insights and recommendations to senior leadership.
• Collaborate with procurement, legal, privacy, security, and compliance teams to ensure third party risks are effectively managed.
• Stay up to date on emerging security threats, compliance requirements, and industry best practices related to third party security.
• Prepare reports and presentations on third party security risk findings and mitigation efforts for stakeholders.

Qualifications

Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• 2-3 years of Third Party Risk Management experience, working with security-centric risk management and compliance frameworks.
• Strong background in the ability to identify, analyze, and quantify risks from a technical perspective and experience implementing and operationalizing qualitative and quantitative risk analysis, including the performance, benefits, and when to use various types of analysis.
• Proficiency in security risk assessment methodologies and security compliance standards.
• Experience of working with technical security and Engineering / IT to implement technical risk/control solutions with the ability to interpret control requirements and relay those to different stakeholder groups with strong technical knowledge.
• Biased towards automation and tooling to scale program operations.
• Excellent verbal, written, and interpersonal skills.
• Flexible and able to manage multiple projects under tight deadlines.
• Comfortable with ambiguity and adaptable to fast changing environments.
• Strategic thinker and problem solver with exceptional communication skills.

Desired:

• Bachelor’s degree in Information Security, Risk Management, Cybersecurity, or a related field.
• Professional certifications (e.g., CISSP, CISM, or Security+).
• Experience with cloud security, identity access management (IAM), and vulnerability management.
• Experience with third party risk management (TPRM) and procurement tools, such as ServiceNow TPRM, Oracle, and Ironclad.
• Familiarity with enterprise risk management (ERM) frameworks and methodologies.
• Collaboration: Effectively working with internal and external stakeholders to mitigate risks.

Location

India

Travel

We prioritize connection and opportunities to build relationships with our customers and each other. For this role, you may be required to travel occasionally to participate in project or team in-person meetings.

What We Offer

Working at Twilio offers many benefits, including competitive pay, generous time off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now! If this role isn't what you're looking for, please consider other open positions.

Twilio is proud to be an equal opportunity employer. We do not discriminate based upon race, religion, color, national origin, sex (including pregnancy, childbirth, reproductive health decisions, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, genetic information, political views or activity, or other applicable legally protected characteristics. We also consider qualified applicants with criminal histories, consistent with applicable federal, state and local law. Qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. Additionally, Twilio participates in the E-Verify program in certain locations, as required by law.

Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at accommodations@twilio.com.