Governance Compliance Lead

See yourself at Twilio

Join the team as Twilio’s next Governance Compliance Lead.

Who we are & why we’re hiring

Twilio powers real-time business communications and data solutions that help companies and developers worldwide build better applications and customer experiences.

Although we're headquartered in San Francisco, we have presence throughout South America, Europe, Asia and Australia. We're on a journey to becoming a global company that actively opposes racism and all forms of oppression and bias. At Twilio, we support diversity, equity & inclusion wherever we do business.

About the job

This role is crucial for enhancing Twilio's IT compliance landscape within our broader governance and compliance strategy. Reporting to the Director of IT Governance, the Governance Compliance Lead will promote IT adherence to various IT compliance frameworks, including GDPR, PCI-DSS, NIST, and SOX. This position emphasizes partnership with both the IT and Compliance teams, acting as a trusted advisor to track and mitigate risks, and develop Twilio’s unified control framework.

As a Governance Compliance Lead, you will play a significant role in supporting IT risk management and policy/control creation. Experience in the Secure Software Development Life Cycle (SSDLC) is a plus, as this role involves partnering with IT teams to foster a compliance and security by design mindset.

Responsibilities

In this role, you’ll:

• Maintain IT Compliance Frameworks: Establish and implement practices for managing IT compliance, aligning with Twilio’s broader objectives while reducing manual workload for IT team members through automation.
• Unified Control Framework Development: Lead efforts to develop and enhance Twilio’s unified control framework, integrating various compliance requirements and streamlining IT evidence gathering and requests to improve efficiency. 
• Proactive Engagement: Initiate compliance measures to keep pace with evolving IT regulatory requirements like GDPR and best practices.
• Policy Creation and Review: Oversee the creation and review of policies related to IT development, ensuring alignment with compliance requirements.
• Stakeholder Communication: Ensure clear communication of compliance requirements and developments, acting as a trusted advisor across departments to build strong inter-departmental partnerships.
• Independent Operations: Confidently monitor and enhance compliance processes, providing feedback for ongoing improvement.
• Strategic Compliance Oversight: Oversee compliance for frameworks, translating regulatory requirements into actionable internal policies and IT controls
• Audit and Risk Management: Support internal audits and align strategies with IT risk management to mitigate threats.
• Collaboration and Coordination: Work closely with IT teams to integrate compliance considerations within the SSDLC.

Qualifications 

Not all applicants will have skills that match a job description exactly. Twilio values diverse experiences in other industries, and we encourage everyone who meets the required qualifications to apply. While having “desired” qualifications make for a strong candidate, we encourage applicants with alternative experiences to also apply. If your career is just starting or hasn't followed a traditional path, don't let that stop you from considering Twilio. We are always looking for people who will bring something new to the table!

Required:

• Experience: Minimum of 8+ years in IT compliance roles, focusing on multiple compliance frameworks. Big 4 experience is advantageous.
• Education: Bachelor's degree in Information Technology, Information Systems, Business Administration, or a related discipline.
• Core Skills: Expertise in GDPR, PCI-DSS, NIST, SOX, and other frameworks. Strong project management, policy development, and IT risk management capability.
• Competencies: Excellent communication and stakeholder management abilities, with a proactive and independent work ethic.

Desired:

• Framework Knowledge: Awareness of governance or regulatory environments and frameworks such as PCI, COBIT, SOC, NIST, GDPR, SOX
• Certifications: CISA, CRISC, or CGEIT preferred.

Location

This role will be Remote, and based in either Karnataka, Maharashtra, Telangana, Tamil Nadu or New Delhi.

Travel

We prioritize connection and opportunities to build relationships with our customers and each other. For this role, you may be required to travel occasionally to participate in project or team in-person meetings.

What We Offer

There are many benefits to working at Twilio, including, in addition to competitive pay, things like generous time-off, ample parental and wellness leave, healthcare, a retirement savings program, and much more. Offerings vary by location.

Twilio thinks big. Do you?

We like to solve problems, take initiative, pitch in when needed, and are always up for trying new things. That's why we seek out colleagues who embody our values — something we call Twilio Magic. Additionally, we empower employees to build positive change in their communities by supporting their volunteering and donation efforts.

So, if you're ready to unleash your full potential, do your best work, and be the best version of yourself, apply now!

If this role isn't what you're looking for, please consider other open positions.