Staff Software Engineer, Security - Segment

Job Description

Because you belong at Twilio.

The Who, What, Why and Where

Twilio is growing rapidly and seeking a Staff Software Engineer - Security to join our Twilio-Segment team. We're a small team with a passion for startup security, which means we are always thinking of newer and better ways to tackle hard security problems. We take on ambitious projects that have a big impact on our customers and the security of our company. We talk about our methods and accomplishments in public blogs, at conferences, and in presentations. If you want to be this kind of security person and work with a team that's like you, to create innovative security solutions for distributed systems and architecture, we'd love to hear about your approach and introduce you to our team.

Who?

Twilio is looking for a leader who lives the Twilio Magic and has a demonstrated track record of building customer-facing security features.

• You are not afraid to produce and ship production level code to implement new security controls.
• You are excited to work “full stack” on a variety of security challenges and initiatives.
• You're empathetic, patient and love to help your teammates grow more secure in their day to day.
• You're focused, driven and can get challenging projects across the finish line.
• You're proud of the projects you build, but you're also humble.
• You try converting a security “no” into a “yes” through technological innovation.
• You’re willing to share the awesome things you build to the greater application security community through open source and conference talks

We encourage you to apply if this role excites you — even if you think you may not meet all of the qualifications.

Requirements:

• You have a solid understanding of software security principles
• You can write maintainable software to solve security problems
• Excellent written and verbal communication skills
• Experience working cross functionally with a diverse group of stakeholders
• You can break down complex security problems into measurable and solvable pieces
• You have 6+ years of software security engineering experience or some cool projects on GitHub you think we'll love to check out

Bonus:

• Practical software development skills with Node, Typescript, GraphQL and React
• Experience mentoring junior engineers
• Experience building product security features like Single-sign on (SSO), 2FA, SCIM or other Identity-related work
• Experience building mitigations for account security risks
• Practical knowledge of web application vulnerabilities and mitigations
• You’re involved in the InfoSec community
• Experience implementing or maintaining a pragmatic Content Security Policy (CSP)

What?

• We partner with our software engineering counterparts to build security features. If you are looking for a role focused on DAST, SAST, SCA, engineering training, threat modeling, etc. please check keep an eye out for roles on our Application Security Team.
• We’ve helped build our authentication service, two-factor authentication (2FA), our password strength meter integrated with Have I Been Pwned, and SCIM
• We believe that our app should make good security choices by default for our customers, but also allow for flexibility to serve the needs of our customers regardless of where they’re at on their own security journey.
• We are practical with our recommendations, but also want to delight our most security conscious customers.

Projects We’re Working On:

• Increasing customer engagement with existing Product Security features and tracking engagement
• Improving the way that Segmenters access workspaces to assist customers
• Helping customers secure their API keys
• Rolling out a Content Security Policy (CSP)

Why?

The Twilio-Segment Product Security Team is growing to support our product security initiatives, and we’re looking for talented security software engineers who are excited to help us build a more secure product. As a Product Security Engineer at Segment, you’ll work alongside other security engineers and the rest of the engineering organization to build the security features of our product.

A little more about our team:

• How we partner with engineering to build product security features
• How we manage time-based access to SaaS apps and AWS roles
• Our CISO’s Approach to Building a Security Team and Program
• We deleted every employees’ AWS keys !
• We help organize the OWASP SF chapter , the AppSec California , B-Sides SF , and Day of Shecurity conferences
• How we help customers secure their accounts

Twilio is a company that is empowering the world’s developers with modern communication in order to build better applications. Twilio is truly unique; we are a company committed to your growth, your learning, your development, and your entire employee experience. We only win when our employees succeed and we're dedicated to helping you develop your strengths. We have a cultural foundation built on diversity, inclusion, and innovation and we want you and your ideas to thrive at Twilio.

Where?

This position will be located in our remote office within the United States or Canada. Around the world, Twilio offers benefits and perks to support the physical, financial, and emotional well being of you and your loved ones. No matter where you are based, you will experience a company that believes in small teams for maximum impact; seeks well-rounded talent to ensure a full perspective on our customers’ experience, understands that this is a marathon, not a sprint; that continuously and purposefully builds an inclusive culture that empowers everyone to do their best work and be the best version of themselves.

About Us

Millions of developers around the world have used Twilio to unlock the magic of communications to improve any human experience. Twilio has democratized communications channels like voice, text, chat, video and email by virtualizing the world’s communications infrastructure through APIs that are simple enough for any developer to use, yet robust enough to power the world’s most demanding applications. By making communications a part of every software developer’s toolkit, Twilio is enabling innovators across every industry — from emerging leaders to the world’s largest organizations — to reinvent how companies engage with their customers.

In accordance with applicable law, the following represents Twilio's reasonable estimate of the range of possible compensation for this role if hired in Colorado.

Salary:

Denver/Boulder Metro:

Tier 4 base salary range: 132,928.00 - 166,160.00

Additionally, this role is eligible to participate in Twilio's equity plan.

An overview of Twilio’s benefits offered is listed below:

Twilio is committed to delivering a comprehensive benefits program that provides support needed for you and your loved ones. It’s likely that you don’t think about benefits every day; however, they are an important component of your total compensation, and we want you to understand the options available to you so that you can make the most of your benefit dollars. At the time of this posting, this role is eligible to participate in the following benefits, which Twilio reserves the right to modify at any time for any reason in accordance with applicable law:

Healthcare Insurance and Leave

• Prescription Drug
• Dental
• Vision
• Flexible Spending and Health Savings Accounts
• Leave programs for all of life’s moments: maternity, parental/bonding, as well medical leave to care for yourself or a loved one

Financial Benefits

• Short and Long Term Disability Insurance
• Life and Accidental Death & Dismemberment Insurance
• 401(k) Retirement Savings Plan with a match

Reimbursement Programs & Stipends

• $65 per month work-from-home stipend
• Up to $50 per month for wellness expenses and activities
• Up to $30 per month to use towards books/eBooks

#LI-remote