Senior Application Security Engineer

Twilio Inc.

Job Overview

Location

Remote - India

Job Type

Full-time

Full Job Description

📋 Description

• As a Senior Application Security Engineer at Twilio, you will play a pivotal role in shaping the future of secure communications by enhancing our application security posture. You will be instrumental in designing, building, and implementing robust security best practices across various engineering teams, contributing directly to Twilio's mission of enabling secure by default products and reducing our attack surface against an ever-evolving threat landscape.
• This role demands thought leadership and a proactive approach to security. You will be a key driver in building critical aspects of our application security program, collaborating closely with internal InfoSec and Engineering teams to foster a culture of security awareness and embed secure development practices throughout the software development lifecycle.
• A significant part of your responsibility will involve the implementation and continuous enhancement of security automation within our CI/CD pipelines. This includes integrating security tools and processes to ensure that security checks are performed early and often, thereby catching vulnerabilities before they reach production.
• You will be responsible for maintaining our existing Application Security solutions, rigorously measuring their effectiveness through key performance indicators, and driving continuous improvement initiatives based on strategic priorities and emerging threats.
• Developing and maintaining comprehensive secure coding guidelines will be a core function. This involves creating clear, actionable guidance for engineers and developing engaging security training programs to educate and empower our development teams to write more secure code.
• You will be expected to investigate security vulnerabilities, conduct thorough root cause analyses, and provide expert support during incident response activities, ensuring swift and effective mitigation of security incidents.
• A crucial aspect of this role is staying ahead of the curve by researching emerging threats, vulnerabilities, and attack techniques. This proactive research will enable us to anticipate potential risks and implement necessary security controls to protect our applications and customer data.
• You will contribute to the security architecture reviews of new features and services, ensuring that security is considered from the design phase onwards.
• This position offers a unique opportunity to make a high impact on Twilio's security strategy and execution, working with a talented and globally distributed team in a remote-first environment.
• You will leverage your expertise to identify and mitigate risks associated with cloud-native workloads, containers, web applications, and APIs, ensuring the security of our platform.
• Collaborating with product and engineering teams to understand their security needs and provide tailored solutions will be essential for success.
• You will champion security best practices and advocate for security initiatives across the organization, fostering a strong security-conscious culture.
• This role requires a deep understanding of modern security principles and the ability to apply them in a fast-paced, dynamic technology environment.
• You will contribute to the development and maintenance of security documentation, policies, and procedures.
• The ability to analyze security telemetry and logs to identify suspicious activities and potential threats will be a valuable skill.
• You will participate in security assessments and penetration testing activities, providing guidance on remediation efforts.
• This is an opportunity to grow your career within a leading communications platform company, contributing to the security of services used by millions of developers and hundreds of thousands of businesses worldwide.
• You will work in a collaborative and inclusive environment that values diverse experiences and encourages continuous learning and professional development.
• The role is fully remote, based in India, offering flexibility and the opportunity to work from your home location.
• Occasional travel may be required for project or team in-person meetings, fostering stronger relationships and collaboration.

🎯 Requirements

• 5+ years of experience in application security, secure software development, or related fields.
• Hands-on experience with SAST, SCA, DAST, Secrets Management, and API Security solutions.
• Experience securing Containers, web applications, APIs, and cloud-native workloads (AWS, Azure, GCP).
• Strong knowledge of OWASP Top 10 and modern attack vectors.
• Proficiency in at least one programming language (Python, Go, Java, TypeScript).
• Excellent communication and presentation skills, with the ability to engage diverse stakeholders at various levels.

🏖️ Benefits

• Competitive compensation package.
• Generous time off policies.
• Ample parental and wellness leave.
• Comprehensive healthcare benefits.
• Retirement savings program.
• Opportunities for professional development and continuous learning.

Skills & Technologies

Python

TypeScript

Java

AWS

Azure

Senior

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Twilio Inc.

Visit Website

About Twilio Inc.

Twilio Inc. provides cloud-based communications platforms that enable developers to integrate voice, messaging, video, email, and authentication into applications via APIs. Founded in 2008, the company offers programmable services for SMS, voice calls, WhatsApp, email, and IoT connectivity, serving enterprises, startups, and communication service providers globally. Twilio operates a pay-as-you-go model, allowing customers to scale usage without managing underlying telecom infrastructure. The company is headquartered in San Francisco, California, and trades on the New York Stock Exchange under the symbol TWLO.

View Company Profile