Role overview

Security Engineer, Incident Response

Requirements and responsibilities

Readable role content extracted into sections for faster review.

Details

  • Lead and support the response to all security events and incidents across Twilio’s complex global infrastructure, services and applications.
  • Be responsible for documentation of incidents and projects you work on and craft best practices as runbooks and standard operating procedures to share knowledge across teams.
  • Work cross-collaboratively to understand and help solve challenges related to a broad spectrum of threat actors and activity.
  • Work to improve Twilio’s security and reliability posture by driving identified betterments from security events and incidents.
  • Rapidly acquire new technical skills and knowledge in a fast-paced, highly disruptive industry environment.
  • Own the security incident lifecycle, respond to incidents and participate in on-call rotation and participate in RCAs for security incidents.
  • Build, cultivate, and maintain positive relationships with internal customers to identify and facilitate solutions to increase the impact of the team’s work.
  • Provide mentorship, support, and care for the team in a way that enables long-term career development, happiness, and success at scale.
  • Proven experience: 3+ years of security incident response in a production-cloud environment
  • Subject-matter expert on security issues and technologies
  • Ability to utilize AI for comprehensive, complex security incident response activities delivering high fidelity detections
  • Advanced knowledge of service-oriented architectures, as well as experience with security tools and technologies fit for a cloud environment
  • Experience working across a technology stack on difficult security challenges and initiatives
  • Experience with SIEM platforms and the ability to extend their functionality
  • Experience with SOAR tools and automating manual security processes
  • Experience in either AWS, GCP, or other large cloud platform
  • Excellent written and verbal communication skills
  • Ability to influence and build effective working relationships with every level of the organization.
  • AI Model Security & Posture Management: Support Implementation of controls and safeguards to prevent AI vulnerabilities, such as prompt injections, model evasion, and data poisoning
  • AI-Driven Threat Response: Utilize GenAI and LLM-based security use cases to rapidly interpret alerts, reduce false positives, and contextualize threat data
  • Artifact & Evidence Triage: Collects intrusion artifacts and forensically sound images to analyze malware, trojans, and source code.
  • Threat Intelligence Integration: Monitors external vendor data and threat intelligence to analyze trends and proactively defend against emerging risks.
Similar roles

Keep a backup shortlist.

Browse stack
FocusSecurityRole area
Seniority signalOpen levelCandidate level
StackAWS, GCPPrimary skills
Location1 accepted countryEligibility

Stack

Use these tags to compare similar remote roles.

Location eligibility

Candidates should apply only when their profile country is listed here.

Your profileCountry not setSign in to check your country against this role.

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
Apply on company siteCompany siteOpen link