Security Compliance & Regulatory Affairs Analyst
New
This role will be remote, but is not eligible to be hired in CA, CT, NJ, NY, PA, WA.Full-TimeMiddle
Salary$128,560 - $160,700 (CO, HI, IL, MD, MA, MN, VT, DC); $136,000 - $170,000 (NY, NJ, WA, CA outside SF Bay); $151,120 - $188,900 (SF Bay area, CA).
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years
- Required Skills
- Risk Management
Requirements
- 5+ years of experience in security compliance, telecom compliance, regulatory affairs, GRC, or related domain within a global technology, cloud, or telecom environment
- Experience interpreting and operationalizing security frameworks and regulations (e.g., NIS 2, ISO 27001, SOC 2, telecom regulatory regimes)
- Experience mapping regulatory requirements to control frameworks, policies, and technical implementations
- Broad understanding of security architecture, networking, access control, software development, cryptography, and operations
- Ability to analyze ambiguous regulations and produce defensible interpretations
- Strong written communication skills for producing audit-ready documentation
- Proven ability to collaborate across Legal, Engineering, Security, Product, Sales, and Risk teams
- Self-sufficiency and critical thinking skills with the ability to execute without detailed instruction
Responsibilities
- Support the SCRA Lead in executing Twilio’s global security regulatory strategy, including contributing to program design, prioritization, and long-term regulatory planning
- Independently interpret complex and ambiguous regulatory frameworks (e.g., NIS 2, EU transpositions, TSA UK) and provide structured outputs that support Lead-level strategy and decision-making
- Support the development and maintenance of regulatory repositories and systems of record, ensuring accuracy, traceability, and audit readiness
- Execute and continuously improve the Cyber Regulation Intake & Triage process in partnership with Legal, ensuring consistent classification, routing, and lifecycle tracking of regulatory obligations
- Map regulatory requirements to internal control frameworks (e.g., UCF, ISO 27001, internal standards), identifying gaps and supporting Lead-driven control strategy decisions
- Develop regulator-ready and high-quality artifacts, including evidence mappings, control narratives, risk statements, and audit support documentation
- Partner cross-functionally with Legal, Public Policy, R&D, Security, Product, Sales, and Risk teams
View Full Description & ApplyYou'll be redirected to the employer's site