Staff, Application Security Engineer

Twilio is seeking a Staff, Application Security Engineer to join their Cloud and Application Security team. This role is crucial for enhancing Twilio’s Application Security capabilities, improving visibility, reducing vulnerabilities, and fostering secure engineering practices. The ideal candidate will provide thought leadership and collaborate with various InfoSec and Engineering teams to build key aspects of the security program.

Responsibilities:

• Lead Application Security initiatives across different teams.
• Implement and enhance security automation within CI/CD pipelines.
• Maintain Application Security solutions and measure their effectiveness.
• Develop and maintain secure coding guidelines and security training for Engineers.
• Investigate security vulnerabilities and support incident response.
• Research emerging threats and attack techniques.

Requirements:

• 8+ years of experience in application security, secure software development, or related fields.
• Hands-on experience with SAST, SCA, DAST, Secrets, API Security solutions.
• Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
• Strong knowledge of OWASP top 10s and modern attack vectors.
• Proficiency in at least one programming language (Python, Go, Java, TypeScript).
• Excellent communication and presentation skills.

What Twilio Offers:

• Competitive pay.
• Generous time-off.
• Parental and wellness leave.
• Healthcare.
• Retirement savings program.