Security Program Manager - Third Party Compliance
Twilio is seeking a Security Program Manager to partner with Twilio's vendors to ensure third-party compliance. You will work closely with Security Program Managers, as well as with the Sales and Legal teams.
About the job:
- You will act as Twilio’s Security Compliance SME, responding to inquiries from customers and internal business partners including customer calls, email requests, and meetings as needed.
- You will also maintain and expand Twilio's vendor-security management program.
- Review and complete documentation in response to Requests for Proposal (RFPs), Requests for Information (RFIs) and Security Questionnaires from Twilio customers, using the existing knowledge base. Periodically update the RFP Q&A repository for use by team members, SMEs and other business partners.
- Participate in pre-sales security calls and address high-level security and compliance topics with customers. Partner with Sales, Marketing and Product to understand what our customers are asking for from a security point of view. Effect change to Twilio’s security practices and product security by consolidating general themes and communicating them to internal teams.
- Synthesize asks from customers and suggest initiatives with other teams to address customer concerns.
- Learn and maintain high-level working knowledge of Twilio products and their security implications in AWS.
- Review security clauses and exhibits as needed to assist the Legal team.
- Identify improvement areas in the existing Third Party Security Program and design processes and tracking mechanisms to address those areas.
- Conduct reviews of Twilio’s Tier 1 and 2 vendors, and then hold vendors accountable for any remediation items.
- Conduct security reviews of Twilio Marketplace vendors during the onboarding process.
- Regularly report on the health of the third party security program to management.
- Oversee the security assessment and integration efforts throughout any M&A activity and be prepared to share the change in risk posture and its consequences with management.
- Background: You have 3+ years experience in the Compliance domain, successfully leading similar projects. You have 2+ years managing vendor security.
- Approach: You are comfortable thinking on your feet. You are assertive and very knowledgeable with internal and external customers and vendors. You exude confidence.
- Deliverables: You regularly review answers from security questionnaires destined for our customers' Security Departments, and review security clauses from contracts from our customers. You update the RFP repository and provide guidance on the best method to address security questions. You also hold our Tier 1 and 2 vendors accountable for their security by conducting annual reviews and performing high-level tracking of their progress.
- Efficiency: You are able to work independently, learning about Twilio products and infrastructure, being able to speak about them at a high level to clients. You turn security and compliance observations that emerge from your work into permanent improvements within the organisation.
- Cloud: You have experience answering and asking compliance questions for products built in a cloud infrastructure.
- Excellent Interpersonal Skills: You have a proven ability to work effectively with technical and non-technical contributors, program management and leadership.
Twilio makes communications easy and powerful. With Twilio's platform, businesses can make communications relevant and contextual by embedding real-time communication and authentication capabilities directly into their software applications. Twilio gives businesses the ability to innovate, prototype, create, and connect with their customers at the right time and in the right way. Founded in 2008, Twilio is a public company based in San Francisco, California with other offices around the world.
Twilio is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status and operate in compliance with the San Francisco Fair Chance Ordinance.