Director, Platform Security

DocuSign

DocuSign

Administration
San Francisco, CA, USA · Seattle, WA, USA
Posted on Saturday, May 25, 2024

Director, Platform Security

ID 2024-24584
Location
US-CA-San Francisco | US-WA-Seattle
Category
Trust & Security
Position Type
Regular

Company Overview

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people’s lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign’s Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM).

What you'll do

Docusign values security as being critical to the company’s continued success. Our mission is to cultivate a culture of security, enabling the company to succeed in building great platforms for our customers. The Platform Security team is the foundation of preventive security practices to protect assets deployed on-prem and in the cloud from an adverse event. The Director of Platform Security partners with key security and business leaders as well as project and integration teams to ensure our endpoints and cloud and on-prem environments are secure.

This position is a people manager role reporting to the Vice President of Security Assurance.

Responsibility

  • Lead the team that designs, builds, and operates the efficacy of on-prem and cloud security solutions and employee endpoint protection against potential and ongoing security threats
  • Establish and drive the maturity of the platform cybersecurity posture roadmap
  • Develop and define security processes, procedures, and service-level agreements to ensure that security controls are managed, maintained and cost effective
  • Design secure cloud-native platforms, core services and security controls across multiple public and private cloud environments including Azure, AWS, and GCP
  • Develop and maintain strong working relationships with multiple internal engineering groups and partners at both a technical and leadership level to maintain alignment on technical strategies
  • Establish solid relationships with cyber threat teams and vendors in order to understand current and emerging threats and associated countermeasures, including leading a team on managing, maintaining, and increasing visibility into the organization and applying threat intelligence to proactively mitigate risk
  • Lead, implement, and monitor a strategic and comprehensive program to ensure the integrity, confidentiality and availability of services that lead to zero trust
  • Manage the platform security budget, ensure cost-effectiveness and service efficacy
  • Define and maintain dashboards and metrics that support enterprise security team maturity efforts
  • Define platform security configuration and operation standards for systems and applications, including policy assessment and compliance tools
  • Develop, validate, and implement baseline security configurations for operating systems, PaaS, SaaS and cloud environments

Job Designation

Hybrid: Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation)

Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position's job designation depending on business needs and as permitted by local law.

What you bring

Basic

  • 8+ years of deep technical expertise across multiple technical domains including cloud computing, security, identity and access management and IT infrastructure
  • Bachelor's or Master's degree or relevant experience
  • 5+ years of previous experience implementing automated workflows in CI/CD, DevOps, or DevSecOps environments
  • 5+ years previous experience using tools enabling automated workflows, such as Jenkins, Gitlab, TFS, Github, etc.
  • 2+ years previous experience with containers and container technology such as Docker, Kubernetes, etc.
  • Experience with modern delivery methodologies including Agile and DevSecOps
  • Experience in both designing and securing solutions in a complex and regulated enterprise environment
  • Experience defining security requirements and helping teams implement them through collaborative architecture and engineering
  • Experience communicating complex subjects regarding strategic and tactical cybersecurity processes to partners of varying technical levels
  • Experience with and solid understanding of advanced persistent threats, attacker methodologies, attack lifecycle, cyber kill chain, diamond modeling and the MITRE framework

Preferred

  • Solid project management and people management skills
  • Attention to detail and demonstrated ability to drive projects towards completion within minimal supervision
  • Passion for working with teams with varied strengths and ideas, understanding and taking into account each perspective
  • Professional certification such as CISSP, CCSP or CCSK, Cloud Platform and Infrastructure relevant experience and certification
  • Working knowledge of standard industry cybersecurity requirements and regulatory requirements such as OWASP, HIPAA, HITRUST, ISO 27001, NIST 800-53, and PCI-DSS
  • Experience in securing applications in cloud architectures
  • Professionalism, sensitivity, discretion, and sound decision-making skills aligned with interacting at the senior management level
  • Ability to work in a highly matrixed environment and influence teams
  • Demonstrated experience guiding prioritization, tradeoffs of work and long term program growth
  • Excellent written and oral communication skills
  • Proven leadership capabilities of integrity, self-discipline, and building an environment of trust
  • Strong experience managing a technical team in a fast-paced environment
  • Demonstrated ability to drive clarity and consensus among broad organizations
  • Ability to interpret and translate customer requirements into operational actions
  • Experience working in development environments with .NET Core, Java or NodeJS

Wage Transparency

Based on applicable legislation, the below details pay ranges in the following locations:

California: $195,500 - $315,775 base salary

Washington and New York (including NYC metro area): $186,200 - $276,125 base salary

This role is also eligible for bonus, equity and benefits.

Global benefits provide options for the following:

  • Paid Time Off: earned time off, as well as paid company holidays based on region
  • Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
  • Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
  • Retirement Plans: select retirement and pension programs with potential for employer contributions
  • Learning and Development: options for coaching, online courses and education reimbursements
  • Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events

Life at DocuSign

Working here

Docusign is committed to building trust and making the world more agreeable for our employees, customers and the communities in which we live and work. You can count on us to listen, be honest, and try our best to do what’s right, every day. At Docusign, everything is equal.

We each have a responsibility to ensure every team member has an equal opportunity to succeed, to be heard, to exchange ideas openly, to build lasting relationships, and to do the work of their life. Best of all, you will be able to feel deep pride in the work you do, because your contribution helps us make the world better than we found it. And for that, you’ll be loved by us, our customers, and the world in which we live.

Accommodation

Docusign is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need such an accommodation, or a religious accommodation, during the application process, please contact us at accommodations@docusign.com.

If you experience any issues, concerns, or technical difficulties during the application process please get in touch with our Talent organization at taops@docusign.com for assistance.

Applicant and Candidate Privacy Notice

States Not Eligible for Employment

This position is not eligible for employment in the following states: Alaska, Hawaii, Maine, Mississippi, North Dakota, South Dakota, Vermont, West Virginia and Wyoming.

EEO Statement

It's important to us that we build a talented team that is as diverse as our customers and where all employees feel a deep sense of belonging and thrive. We encourage great talent who bring a range of perspectives to apply for our open positions. Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, or any other legally protected category.

EEO Know Your Rights poster

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed