Senior Manager, Security Monitoring and Operations

Twilio is seeking a Senior Manager for the Security Monitoring & Operations Team: This will report directly to the CISO. 

About the job:

  • This is a Engineering Manager role focused on building security-monitoring and automated-response capabilities.
  • Successful candidates will have a strong background in recruiting (attracting and retaining talent), developing and leading teams, as well as translating vision into an executable roadmap.  
  • Candidates will also demonstrate an understanding of traditional network and operational security, descriptive and predictive analytics, software development and have experience defining and growing the security capabilities of cloud-based networks, systems and applications.


  • Lead and grow a multi-talented Security Monitoring team locally in San Francisco and remote. The team is composed of incident-response, development and analytics professionals.
  • Regularly communicate, with internal and external teams, the plan being executed to secure Twilio's products, infrastructure and data.
  • Build out additional capabilities & automation, driving improvements within the Security, IT and R&D organizations to proactively detect and respond to threats.
  • Excel as a knowledge leader and be a productive member of the team, where leadership is a behavioral trait, not a title.
  • Approach problem solving with a principled engineering and analytics mindset.

Opportunities for you:

  • Make significant contributions to product risk decisions and necessary controls, based on quantitative analysis.
  • Putting your knowledge to work and improve automation design to improve the organization's risk analysis and learn how to make better security decisions.
  • Work closely with engineering teams & security peers to continue to develop interesting communications-related exercise scenarios as tabletops.


  1. Security Monitoring and Incident Response Program: Continue maturing the already successful security-monitoring and incident-response capability for Twilio.  Develop capabilities that improve the detection, response and containment of security events and incidents.  Demonstrate leadership and success implementing modern incident-response methodology within a software-defined context.  You have participated in forensically sound investigations, and you are seasoned in your experience responding to and resolving a wide range of security threats.  You have a desire to find the unknown within the mountains of data stores, and then make sense of the unknown.  You have exposure to designing, building and executing security analytics systems to both deterministically and predictively find threats and stops threats.
  2. Vulnerability Identification & Management Program: Communicate and execute your vulnerability management philosophy. Scale and mature the existing vulnerability-identification and management program. Leverage vulnerability data and information to develop knowledge on the best approach to remediating or consulting on vulnerability mitigations. Not only can your program pass audits, but more importantly, it raises the overall security posture of the company.  Develop metrics and set remediation KPIs that reduce both product and enterprise risk.
  3. Cloud: Proven success in building, executing and maturing security monitoring, incident response and vulnerability management capabilities within various cloud-security platforms.
  4. Tools: Demonstrated You repeated success in developing, designing, and maintaining custom secure tools, scripts and applications to assist the security-operations functions.  You have successfully evaluated and implemented off-the-shelf products.
  5. Security awareness: You maintain current awareness of attack vectors for networks and software, and are educating internal engineers on best practices for information security.  Based on your unique perspective in the R&D organization, you provide trending information to the organization for vulnerabilities, attacks and improvements.

Bonus points:

  • Not afraid to transform data and information into knowledge in order to make actionable alerts.
  • You have experience building and leading a forensics capability within your Security Monitoring team.
  • You understand and can articulate knowledge of AWS primitives and their behaviors on the network.
  • You have a background in hands-on software engineering following agile software development practices. You're not necessarily a software engineer today, but you've written code before and can again if called upon.


About us:

Twilio's mission is to fuel the future of communications. Developers and businesses use Twilio to make communications relevant and contextual by embedding messaging, voice and video capabilities directly into their software applications. Founded in 2008, Twilio has over 650 employees, with headquarters in San Francisco and other offices in Bogotá, Dublin, Hong Kong, London, Madrid, Mountain View, Munich, New York City, Singapore and Tallinn.

Twilio is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status and operate in compliance with the San Francisco Fair Chance Ordinance. #LI-POST

See Inside the Office of Twilio

Launched in 2008, Twilio simplifies business communication across applications—supplying developers with the highly competent tools needed to develop customer-centric phone, VoIP, and messaging systems on its global cloud API platform. From online restaurant bookings to tech support call center networks, Twilio's flexible technology lets companies construct personalized business solutions that enhance customer-service interaction and profitability.

Back to top