Information Risk Management Director

Twilio Inc. San Francisco , CA 94102

Posted 2 months ago

Because you belong at Twilio

The Who, What, Why and Where

Twilio is growing rapidly, and, like many technology companies, information is integral to our business. Our business relies on it and our customers demand that we properly manage and protect it.

That's why we're looking for a Director of Information Risk Management, reporting to our Vice President, Deputy General Counsel, Privacy and Product, to be a key contributor to building out our information governance program. You will be responsible for partnering with our Head of Data Governance as well as our Litigation, Privacy, and Information Security teams, to define and implement a risk-based framework for handling information at Twilio that incorporates and harmonizes already existing applicable frameworks and policies (e.g., SOX for financial records, Binding Corporate Rules for personal data, HIPAA for protected health information, etc).


The ideal candidate has experience developing and implementing an information risk management framework within a fast-growing publicly-traded technology company that serves a diverse customer base, which includes both heavily-regulated and lightly-regulated businesses, and individual developers and Fortune 500 companies. We are looking for a motivated self-starter who is solutions-oriented.

You must be willing and able to think strategically, but also roll up your sleeves to get the job done. Familiarity with various regulatory frameworks such as GDPR, SOX, and HIPAA, as well as best practices for information handling for litigation, investigations, and protection of IP, are a must.

You also know how to:

  • Partner with teams across different parts of the organization to help them define and implement information risk management procedures applicable to their functions and conform to information risk management policies.

  • Define an information risk management strategy and set of policies that take into consideration the business's current needs, future ambitions, and "wears the customer's shoes."

  • Identify and drive areas for quick wins to help improve our information risk posture in the near term, while keeping an eye on how those wins fit into an overall long-term information governance strategy.

  • Advocate for the business value of an information governance program and information risk management to internal stakeholders and constituencies.

  • Leverage data governance tools and technology to help implement information governance policies.


Director of Information Risk Management, you will live the Twilio Magic values:

  • BE AN OWNER & DRAW THE OWL: Coordinate internal constituencies including, but not limited to, the Privacy, Corporate Compliance, Litigation, Security and IP teams, to define a framework for information risk management at Twilio.
  • WRITE IT DOWN. Define and implement information risk policies, including classification and retention policies, based on legal, regulatory and business requirements.
  • EMPOWER OTHERS: Work closely with the Data Governance team as the subject matter expert regarding information risk management policies and requirements at Twilio, and work with teams across the organization to implement information risk management policies.
  • BE BOLD: Serve as the internal subject matter expert and advocate for information risk management best practices.
  • NO SHENANIGANS: Monitor compliance with information risk management policies, and assist in audits and responding to regulatory inquiries.


Twilio is a company that is empowering the world's developers with modern communication in order to build better applications. Good information risk management practices are becoming increasingly important to Twilio's customers, who are trusting us to handle their information properly when they use our APIs for their communications and customer engagement workloads.

It is also increasingly important to Twilio's business operations as we grow and scale. As Director of Information Risk Management you will both help guard that critical customer trust and help our operations scale.

Twilio is truly unique; we are a company committed to your growth, your learning, your development and your entire employee experience. We only win when our employees succeed and we're dedicated to helping you develop your strengths.

We invest in weeks dedicated to tackling hard problems and creating your own ideas. We have a cultural foundation built on diversity, inclusion and innovation and we want you and your ideas to thrive at Twilio. Come join us.


This position will be located in our beautiful office at 101 Spear Street in the Rincon Center in San Francisco. You will enjoy our incredible perks: catered meals, snacks and drinks, ergonomic desks, game room, fitness center, massages, monthly All Hands and more.

You will also be part of a company that believes in small teams for maximum impact; that strives to balance work and home life; that understands that this is a marathon, not a sprint; that continuously and purposefully builds an inclusive culture where everyone is able to do and be the best version of themselves. We seek people who naturally demonstrate our values, who are challenged by problems, empower others to thrive, and can draw the owl and not be beholden to one playbook.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Director Cyberecurity Governance Risk Management & Compliance 200000Dx Attention Military Veterans


Posted Today

VIEW JOBS 6/5/2020 12:00:00 AM 2020-09-03T00:00 <strong>Director, Cybersecurity Governance Risk Management & Compliance – 200000DX </strong><br /> <br /> <strong>Work Location:  Columbus, IN</strong><br />   <br /> <br /> <br /> No, this isn’t one of those ordinary jobs.<br /> We are is a team of dependable, innovative thinkers, who are empowered to generate and deliver solutions for customers, community, and environment. Our employees develop their careers through the challenges only a diverse, global innovator can promise. This is a collaborative culture where thinking beyond your desk is more than part of the job. It is the job.<br /> <em>This is what we call Working Right.</em><br />  <br /> <strong>Description</strong><br /> We are a place big enough to coach and develop a global workforce and create the world’s leading clean, engine technology. We’re also small enough for you to find your fit and personal passion with a team of dependable, innovative thinkers who are developing their careers within a diverse, inclusive, empowering environment.<br /> Seeking a Director of Global Cybersecurity – Governance, Risk Management and Compliance in Columbus, Indiana. A security and risk thought leader experienced in strategy and planning, risk governance and management. The successful candidate will be an integrator of people and processes, a problem solver, an effective consultant and have strong knowledge of information security best business practices and risk management frameworks.<br /> Learn more about this role and how you can begin <em>Working Right</em> .<br /> <br /> <strong>Your impact will happen in these and other ways:</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for leading the development of global risk mitigation strategy, road map, tools, resources, and applicable policies.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Sponsors and applies Global Cybersecurity policies and data privacy principles to manage risks related to the use, processing, storage, and transmission of information or data.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Management of technical staff supporting Global Cybersecurity Threat and Vulnerability</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Management, Global technical standards, Global Cybersecurity policy, Cybersecurity policy exceptions, Global Awareness & Training, and Third-party (Vendor) Risk Assessments.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Participate as a key member of a senior level IT Management Team.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for a significant area within IT from a scope perspective</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Provide input to development of IT Strategies</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for team financial management including AOP, budget management, and forecasting.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for People Management including work plan development, performance management, and people development.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible for team building and development including organization structure, recruiting, global team management.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Compile and present Management Reports on team performance including metrics, deliverable status, etc.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Communicate status to senior management – IT and business.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Accountable for Six Sigma training, usage and goal attainment for the team.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Ensure team adherence to all IT processes, policies, and procedures including IT Security.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Responsible of IT Controls compliance for the team Engagement with customers in their respective function or business area.</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Governance/Leadership for all program/projects executed or supported by their team</li> </ul> <strong>Experience</strong> <ul> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">5 years of Cybersecurity experience preferred</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">8 years leading teams</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Requires a high level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Leadership ability to attract and retain technical staff is a key skill</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Requires excellent verbal and written communication skills with the ability to influence and manage conflict within and across organizations, functions and business areas</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Working knowledge of NIST Cybersecurity Framework and Global cybersecurity regulatory environment is required</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Significant level of relevant work experience, including managerial and budgetary experience, required</li> <li style="padding: 0; margin: 0;" style="padding: 0; margin: 0;">Broad business knowledge required</li> </ul> <strong>Qualifications</strong><br /> <br /> <strong>Financial acumen -</strong> Interpreting and applying understanding of key financial indicators to make better business decisions.<br /> <strong>Decision quality -</strong> Making good and timely decisions that keep the organization moving forward.<br /> <strong>Ensures accountability -</strong> Holding self and others accountable to meet commitments.<br /> <strong>Drives results -</strong> Consistently achieving results, even under tough circumstances.<br /> <strong>Manages conflict -</strong> Handling conflict situations effectively, with a minimum of noise.<br /> <strong>Develops talent -</strong> Developing people to meet both their career goals and the organization’s goals.<br /> <strong>Builds effective teams -</strong> Building strong-identity teams that apply their diverse skills and perspectives to achieve common goals.<br /> <strong>Communicates effectively -</strong> Developing and delivering multi-mode communications that convey a clear understanding of the unique needs of different audiences.<br /> <strong>Project Portfolio Management -</strong> Plans, prioritizes, sequences and manages one or more project portfolios utilizing analysis of portfolio risk and performance (diversification, value assurance assessment, company synergy, alignment, and long-term maintenance) to optimize and prioritize projects and maximize business value.<br /> <b>Strategic Road map Planning -</b> Produces a high-level, multi-year product and capability road map utilizing internal and external business resource, asset and market knowledge and experience to communicate the organization's focus and priorities to internal and external stakeholders.<br /> <strong>Release Planning - </strong>Plans and manages the release of capabilities, features or products using inputs from the prioritized road map, planning, available resources and skills to communicate expected availability and releases of capability.<br /> <strong>Project Resource Management -</strong> Develops resource (expense and headcount) plans using recommended project management tools and processes to manage resources effectively.<br /> <strong>Education, Licenses, Certifications</strong><br /> College, university, or equivalent degree in Information Technology, Business or a related subject required<br /> CISM Preferred<br /> CISA Preferred<br /> <br /> <strong>Compensation and Benefits</strong><br /> Base annual salary commensurate with experience plus annual variable compensation. Additional benefits vary between locations and include options such as our 401(k) Retirement Savings Plan, Cash Balance Pension Plan, Medical/Dental/Life Insurance, Health Savings Account, Domestic Partners Coverage and a full complement of personal and professional benefits.<br />   <br /> <strong>E-verify</strong><br /> We are an equal opportunity and affirmative action employer dedicated to diversity in the workplace. Our policy is to provide equal employment opportunities to all qualified persons without regard to race, gender, color, disability, national origin, age, religion, union affiliation, sexual orientation, veteran status, citizenship, gender identity and/or expression, or other status protected by law.<br />  <br /> We validate right to work using E-Verify.<br /> We will provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS), with information from each new employee’s Form I-9 to confirm work authorization. To learn more about E-Verify, including your rights and responsibilities, please visit <a href=""></a> .<br />  <br />  <br />  <br />  <br />  <br />   Tech-Connect San Francisco CA

Information Risk Management Director

Twilio Inc.