Twilio is hiring a

Third Party Security Program Manager

San Francisco, United States

Twilio Senior Product Security Engineers are responsible for making sure Twilio products meet the highest security standards in the industry. Successful candidates have a strong software development background, have prior experience working with product teams and are experts at securing applications.

About the job:

  • You will excel at talking with engineers and business teams, in language they understand, about their products’ and systems’ security posture.
  • You will understand security implications of our products and give guidance to ensure that they are as secure as possible.
  • You will build security tools to find and fix security bugs at scale.
  • A successful candidate will have a proven track record of building secure applications. They should understand the security impacts and security decisions that need to be made to build secure products, and then be able to articulate those to engineers outside the Security team. 


  • Be part of a small, high-impact and multi-talented Security team.
  • Work with product management and engineering teams to perform security/privacy reviews of their products and systems.
  • Develop tools to find and fix security issues at scale.
  • Create automated tests to enforce security standards.
  • Develop security training and education for developers.
  • Find vulnerabilities in different tech stacks and languages (Java, Python, Scala, PHP, C/C++).
  • Excel as an engineer and be a productive member of the team where leadership is a behavioral trait, not a title.


  • Strong understanding of vulnerabilities, common attack vectors and how to resolve them.
  • Ability and interest to educate software engineers on secure coding practices.
  • Strong understanding of authentication and authorization protocols.
  • Expert in web application security issues (OWASP 10).
  • Strong development background and secure coding best practices in different languages/stacks.
  • Ability to develop threat models and attack trees using a standardized process.
  • Familiar with cloud technologies and are hands-on with AWS.
  • Deep experience in a minimum of three (applied cryptography, web app security, security protocols, AWS security, threat modeling, network security, writing secure code).

About us:

Twilio makes communications easy and powerful. With Twilio's platform, businesses can make communications relevant and contextual by embedding real-time communication and authentication capabilities directly into their software applications. Twilio gives businesses the ability to innovate, prototype, create, and connect with their customers at the right time and in the right way. Founded in 2008, Twilio is a public company based in San Francisco, California with other offices around the world.

Twilio is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal opportunity regardless of race, color, ancestry, religion, gender, gender identity, parental or pregnancy status, national origin, sexual orientation, age, citizenship, marital status, disability, or Veteran status and operate in compliance with the San Francisco Fair Chance Ordinance. #LI-POST