This role supports By Lightβs Security Operations Center (SOC) and compliance initiatives, with a focus on achieving and maintaining certifications under ISO/IEC 42001 (AI Management Systems), CMMC Level 2, and SOC 2. The ideal candidate will assist in the implementation, documentation, monitoring, and continuous improvement of enterprise security controls to meet internal policy, federal requirements, and industry standards. This is a hands-on role that blends technical knowledge, compliance strategy, audit preparation, and cross-team collaboration to ensure enterprise-wide security and assurance for AI, cloud, and IT/OT systems.
Job listings
Join the team as Twilioβs next Senior Cloud Security Engineer. The Cloud and Application Security team enables delivery of secure by default products to reduce our attack surface against an evolving threat landscape. This position will enhance Twilioβs Cloud Security capabilities to improve visibility, reduce vulnerabilities and foster secure engineering practices, building key aspects of the program with InfoSec and Engineering teams.
The Platform Security Engineer will work alongside platform teams to build secure systems and tooling and will focus on securing cloud infrastructure, CI/CD, and IAM across the entire organization and on developing Ownerβs alerting and detection capabilities. This role can be based anywhere in the United States or Canada, or anywhere in Mexico or Colombia.
As a Lead Security Analyst in the Governance, Risk Management, and Compliance function, you'll reduce security risk and ensure compliance with frameworks like ISO 27001, SOC 2, and FedRAMP. You will collaborate with stakeholders to design and operate security controls. You will also use technology to automate compliance activities, track program health, and contribute to security standards and processes.
We're looking for someone with in-depth expertise in Tableau, data engineering, and IAM principles to design, implement, and maintain a robust security program specifically for Tableau, ensuring the integrity and confidentiality of our data visualizations. You'll collaborate cross-functionally with various teams to align IAM solutions with organizational security requirements, facilitating secure and seamless access across the enterprise. Drive impactful security outcomes that directly strengthen our digital landscape and support our critical security compliance initiatives.
Join the team as Twilioβs next Senior Application Security Engineer(L3). The Cloud and Application Security team enables delivery of secure by default products to reduce our attack surface against an evolving threat landscape. This position is needed to enhance Twilioβs Application Security capabilities to improve visibility, reduce vulnerabilities and foster secure engineering practices. This role will have a high impact.
The Security Application Solution Architect works closely with the Information Security team to develop and implement a comprehensive information security program, defining security policies, processes, and standards. This role requires a deep understanding of secure application development practices, including the security of API interactions and cloud application environments.
The Information Security team is looking for a Senior Engineer to extend their Software Assurance and Security Innovation practice. This is a hands-on role responsible for assessing, designing, implementing, automating and documenting security solutions and processes pertaining to cloud infrastructure, application engineering, DevOps and other platforms. This role will work with platform engineers, innovation teams, and developers on secure best practices in Infrastructure as Code (IaC), cloud design patterns and CI/CD workflows.
As a Threat Research Engineer, you will improve automated fraud detection and challenge DataDomeβs detection mechanisms to ensure bots are properly detected. You'll create automated detection automations and threat knowledge to block fraud at scale, and add new signals to client-side scripts for detecting advanced bots. Continuous improvements to underlying automation and threat intelligence is expected.
Lead initiatives to integrate cybersecurity automation into system designs, ensuring streamlined and proactive threat detection and response mechanisms. Develop leadership strategies to mentor and empower team members in adopting best practices for cybersecurity, fostering innovation and accountability. Manage the quarterly and annual planning, team objectives, individual goals, deliverables, hiring, development plans, and performance reviews.