Staff Security Enablement Engineer

About the job

The Staff Security Enablement Engineer will be responsible for developing, implementing, measuring, and managing process and tooling to enhance security enablement for technical resources across Twilio. This role is critical in fostering a security-first culture by engaging, training, and empowering Twilio employees to act as security practitioners to support and up-level Twilio’s security posture. 

Responsibilities

In this role, you’ll:

• Design and implement the Security Champions Program, including establishing OKRs, defining roles, and defining processes to monitor efficacy of the Security Champions Program.
• Create a comprehensive framework for identifying, recruiting, and retaining influential Security Champions from various teams across Twilio.
• Organize and lead regular technical meetings, forums, and events to foster collaboration and knowledge sharing among Security Champions.
• Develop and maintain program documentation, guidelines, and best practices with a strong technical focus, while maintaining usability.
• Curate and deliver live training material to meet specific educational needs across engineering teams.
• Act as a liaison and advocate between engineers and security; assisting with the rollout of tools that require engineering involvement and acting as a channel of communication to surface bi-directional feedback.
• Collaborate with the Learning and Development teams to integrate security training into existing learning platforms.
•  Work closely with other Information Security teams to identify opportunities to expand security enablement opportunities across Twilio. 

Qualifications 

Twilio values diverse experiences from all kinds of industries, and we encourage everyone who meets the required qualifications to apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• Bachelor’s degree in Computer Science, Software Engineering, or a related field. Master’s degree preferred.
• 7+ years of experience in information security, cybersecurity, software development, or a related technical field.
• Prior experience coordinating or contributing to a Security Champions or equivalent program. 
• Strong knowledge of security principles, practices, and frameworks (e.g., ISO 27001, NIST, CIS).
• Experience with secure coding practices, application security, secure design, and threat modeling.
• Excellent communication, presentation, and interpersonal skills, with the ability to convey technical concepts to non-technical audiences.
• Ability to work collaboratively with cross-functional teams and build strong relationships.

Desired:

• Proven experience in program management, technical training, and employee engagement.
• Deep understanding of security frameworks including OWASP and applicability in software development. 
• Analytical Skills: Ability to assess program performance and identify areas for improvement
• Certification in information security (e.g., CISSP, CISM, CEH) or relevant technical certifications (e.g., CSSLP, OSCP) is a plus.

Location

• This role will be remote, and based in British Columbia, Alberta or Ontario