Information Security & Risk Program Manager
Who We Are
The Information Security (InfoSec) organization plays a key role within the trust and security program at Twitter. InfoSec partners with teams across the organization, supporting their ability to make strategic decisions informed by authoritative security analysis. The Security Risk Management team focuses on building processes and methodologies for evaluating security risk throughout Twitter.
What You’ll Do
In this role you will help Twitter evaluate security risks and recommend mitigation as part of Twitter’s information security risk management function. In this role you will drive risk management activities such as:
- Design and execution of periodic risk & control assessments with a focus on security control efficacy.
- Providing guidance related to design and implementation of Twitter’s internal and external control requirements (e.g., ISO, PCI, SOX).
- Reviewing 3rd party products and services used by Twitter.
- Designing and reporting relevant security risk management metrics to Sr. management.
- Facilitating periodic risk management processes (e.g., PCI readiness).
- Contributing to the development of security policy & standards.
- Automating and streamlining existing processes and procedures.
Who You Are
We’re looking for a security risk management professional to assist Twitter with meeting our information security obligations and protecting our users data. If you have experience helping companies with oversight of security programs and,
- Have worked with implementing various security control standards (e.g., ISO 2700x, PCI DSS, NIST 800.30) at large complex organizations.
- Are familiar with common audit methodologies.
- Have demonstrated success with working on large security projects with multiple business partners.
- Knowledge of attacker methodologies, common attack tools and patterns.
- Are capable of assessing network, host, and application security controls per standard methodology.
- Are able to discuss issues at technical and business levels with audiences of various backgrounds.
- Have experience working with GRC products.
- Bachelor degree in Information Security, Computer Science, Management Information Systems or related field preferred.
- 4-7 years work experience in Information Security.
- Good communication skills.
We are committed to an inclusive and diverse Twitter. Twitter is an equal opportunity employer. We do not discriminate based on race, color, ethnicity, ancestry, national origin, religion, sex, gender, gender identity, gender expression, sexual orientation, age, disability, veteran status, genetic information, marital status or any legally protected status.
San Francisco applicants: Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
After you apply, a recruiter may reach out to you for an introductory call.
If your background is a match for the role, you may phone interview with 1-2 people.
If you continue through the process, you will come onsite 1-2 times to interview with a total of 5-10 people.
Twitter Recruiting: All the deets about who we're hiring, what we're doing and why you should come and work here! #lovewhereyouwork
We're your one stop shop for anything University related. That means campus outreach, student advice/tips, & of course, our University Recruiting efforts!