Staff Analyst, Security Risk Management

Join the team as our next Staff Analyst, Security Risk.

Who we are & why we’re hiring

The Security Risk Analyst will be a key member of the Security Risk Management program at Twilio, focused on maturing our Security risk posture by preparing internal stakeholders for certification activities. The team works closely with our Product and Engineering teams to ensure all areas of cyber risk are identified across Twilio and that risk methodologies are operationally effective and in compliance with regulations and industry best practice security measures (e.g. COSO, ISO 31000). This role provides an exciting opportunity for professionals who are passionate about risk management and ready to contribute to the continued growth and maturity of risk practices within a dynamic organization like Twilio.

Responsibilities

In this role, you’ll:

• Lead the daily management and oversight of the One Twilio Risk Management program which includes establishing processes and operations for all areas of cyber risk.
• Develop and maintain risk register(s) to track key risk indicators (KRIs) and ensure risks are identified, evaluated, and mitigated appropriately.
• Collaborate with cross-functional teams to ensure proper control mechanisms are in place.
• Review and assess the effectiveness of risk mitigation strategies and recommend improvements.
• Prepare and deliver regular risk reports, dashboards, and presentations to senior leadership, highlighting key risk trends, issues, and mitigation efforts.
• Develop key performance indicators (KPIs) to measure the effectiveness of risk management processes.
• Analyze risk data from various sources to assess trends and develop predictive models for potential risks.
• Use data analytics and risk modeling tools to assess the financial, operational, and security impact of risks.
• Develop ad-hoc reports and presentations as required to support risk decision-making.
• Coordinate with internal and external auditors to support compliance assessments and resolve any risk-related findings.
• Provide training to internal teams on risk management processes, controls, and best practices.
• Participate in the development of risk management policies, procedures, and frameworks.
• Work with the risk management team to enhance organizational risk culture and awareness.

Qualifications

Required:

• 5+ years of Risk Management experience, working with security-centric risk management and compliance frameworks.
• Experience implementing an industry accepted risk framework including but not limited to NIST Risk Management Framework, COSO Enterprise Risk Management, or ISO 31000.
• Strong background in identifying, analyzing, and quantifying risks from a technical perspective.
• Proven track record of managing risk assessments, risk registers, and compliance programs in large, complex organizations.
• 3+ years of experience working with technical security and Engineering / IT to implement technical risk/control solutions.
• Broad understanding of various security domains and a demonstrated track record of understanding security architecture, network, access control, software development, cryptography, and operations.
• Biased towards automation and tooling to scale program impact and reach.
• Excellent verbal, written, and interpersonal skills.
• Bachelor’s degree in Risk Management, Business, Finance, Cybersecurity, or a related field.
• Professional certifications (e.g., CRISC, CISA, CISSP, FRM) are a plus.
• Strong analytical and problem-solving skills with the ability to interpret complex data.
• Excellent communication skills, with the ability to translate risk findings into clear, actionable recommendations for leadership.
• Proficient with risk management software and tools (e.g., RSA Archer, MetricStream, ServiceNow).
• Experience with project management and working across multiple teams and departments.
• Strategic Thinking: Ability to think critically about organizational risks.
• Attention to Detail: Ensuring thorough risk assessments and accurate reporting.
• Collaboration: Effectively working with internal and external stakeholders to mitigate risks.
• Leadership: Ability to take ownership of projects and lead initiatives in risk management processes.

Location

This role will be remote, and based in Alberta, Ontario or British Columbia, Canada.

Travel

Approximately <5% travel is anticipated to help you connect in-person in a meaningful way.

What We Offer

There are many benefits to working at Twilio, including competitive pay, generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We seek out colleagues who embody our values — something we call Twilio Magic. We empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!

The successful candidate’s starting salary will be determined based on permissible, non-discriminatory factors such as skills, experience, and geographic location.

Twilio is proud to be an equal opportunity employer.

Twilio is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, please contact us at accommodation@twilio.com.

Apply for this job

* indicates a required field