Docusign
What you'll do
The Senior Manager, GRC Engineering will define and execute the strategy for GRC automation, data pipelines, and analytics, enabling a scalable, technology-driven governance model. This role leads the engineering function that powers GRC capabilities, including evidence automation, policy exception workflows, dashboard creation, metrics pipelines, and platform integrations. Partnering closely with Product, Technology Engineering, Data and Security teams, you will establish modern, automated, and data-driven processes to strengthen the security and compliance posture of the organization. This position is a people manager role reporting to the Senior Director of Security Governance, Risk Management and Compliance (GRC). Responsibilities
Define the strategic roadmap for GRC engineering, automation, and analytics capabilities Build, lead, and mentor a team of GRC engineers and platform specialists Provide technical leadership - reviewing integrations, scripts, pipelines, configurations, and platform builds - for the GRC Engineering team Lead the design and implementation of scalable evidence collection systems, metrics pipelines, compliance workflows, and policy exception processes Integrate GRC systems with cloud and SaaS environments to enable automated evidence collection, continuous control monitoring, and compliance-by-design Partner with GRC, Security, Engineering and Information Technology teams to align engineering-driven GRC solutions to business and regulatory priorities Drive the adoption of self-service automation for evidence submission, exceptions, and compliance reporting Embed security control validation into CI/CD pipelines and engineering workflows Explore AI/ML capabilities for risk scoring, document summarization, and control classification Develop dashboards, KPIs, KRIs, and reporting logic to measure security compliance, risk, and control effectiveness across all environments and products Provide thought leadership on automation-first GRC strategy and continuously evaluate emerging technologies, tools, and frameworks Oversee workflows, connectors, and automations built in GRC and Engineering platforms such as ServiceNow IRM, LogicGate, OneTrust, Jira and others Establish a consistent metrics pipeline to enable data-driven decision-making by executives and security leadership Partner with engineering and analytics teams to leverage platforms such as Tableau, Power BI, or Looker for visualization and reporting Act as the bridge between GRC, Internal Audit, Engineering and Security ensuring strong integration across teams Collaborate with DevSecOps engineers to embed security control validation into CI/CD pipelines and engineering workflows Partner with AI/ML-focused engineers to leverage emerging capabilities for risk scoring, document summarization, and control classification Set performance goals, foster technical excellence, and build a high-performing engineering culture within GRC Influence resource allocation, priorities, and staffing plans to support evolving GRC and security objectives Job Designation
Hybrid:
Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation) Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position\'s job designation depending on business needs and as permitted by local law. What you bring
Basic
8+ years of experience in information security, GRC, or security engineering, with 5+ years in a leadership role Bachelor’s or Master’s degree in Computer Science, Computer Engineering, Software Engineering Relevant certifications such as CISM, CISSP, CCSP, or equivalent Experience building GRC engineering capabilities, including automation, evidence connectors, dashboards, and policy workflows Experience with GRC platforms (e.g., ServiceNow GRC, LogicGate, OneTrust) and their integrations into enterprise environments Experience with modern cloud and SaaS security models (AWS, GCP, Azure) and evidence automation using APIs/SDKs Experience with DevSecOps practices, CI/CD integrations, and security control validation pipelines Proven ability to define strategic roadmaps, lead cross-functional programs, and deliver measurable business outcomes Preferred
Excellent stakeholder management skills, able to partner with engineering, security, compliance, and product teams Excellent documentation and reporting skills Excellent collaboration and communication management skills across technical and non-technical audiences Hands-on familiarity with evidence automation scripting (Python, REST APIs, SDK integrations) Experience with metrics visualization tools such as Tableau, Power BI, or Looker Exposure to AI/ML solutions for GRC, including document summarization, LLM copilots, or automated control mapping Wage Transparency
Pay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience. Based on applicable legislation, the below details pay ranges in the following locations: California: $177,900.00 - $287,425.00 base salary Illinois, Colorado, Massachusetts and Minnesota: $170,900.00 - $241,400.00 base salary Washington, Maryland, New Jersey and New York (including NYC metro area): $170,900.00 - $251,325.00 base salary This Role Is Also Eligible For The Following
Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance. Stock: This role is eligible to receive Restricted Stock Units (RSUs). Benefits
Global benefits provide options for the following: Paid Time Off: earned time off, as well as paid company holidays based on region Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment Retirement Plans: select retirement and pension programs with potential for employer contributions Learning and Development: options for coaching, online courses and education reimbursements Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events Equal Opportunity
Equal Opportunity Employer: Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, veteran or military status, or any other legally protected category. EEO Know Your Rights poster States Not Eligible for Employment: This position is not eligible for employment in the following states: Alaska, Hawaii, Maine, Mississippi, North Dakota, South Dakota, Vermont, West Virginia and Wyoming. Seniority level
Mid-Senior level Employment type
Contract Job function
Engineering and Information Technology Industries Software Development
#J-18808-Ljbffr
The Senior Manager, GRC Engineering will define and execute the strategy for GRC automation, data pipelines, and analytics, enabling a scalable, technology-driven governance model. This role leads the engineering function that powers GRC capabilities, including evidence automation, policy exception workflows, dashboard creation, metrics pipelines, and platform integrations. Partnering closely with Product, Technology Engineering, Data and Security teams, you will establish modern, automated, and data-driven processes to strengthen the security and compliance posture of the organization. This position is a people manager role reporting to the Senior Director of Security Governance, Risk Management and Compliance (GRC). Responsibilities
Define the strategic roadmap for GRC engineering, automation, and analytics capabilities Build, lead, and mentor a team of GRC engineers and platform specialists Provide technical leadership - reviewing integrations, scripts, pipelines, configurations, and platform builds - for the GRC Engineering team Lead the design and implementation of scalable evidence collection systems, metrics pipelines, compliance workflows, and policy exception processes Integrate GRC systems with cloud and SaaS environments to enable automated evidence collection, continuous control monitoring, and compliance-by-design Partner with GRC, Security, Engineering and Information Technology teams to align engineering-driven GRC solutions to business and regulatory priorities Drive the adoption of self-service automation for evidence submission, exceptions, and compliance reporting Embed security control validation into CI/CD pipelines and engineering workflows Explore AI/ML capabilities for risk scoring, document summarization, and control classification Develop dashboards, KPIs, KRIs, and reporting logic to measure security compliance, risk, and control effectiveness across all environments and products Provide thought leadership on automation-first GRC strategy and continuously evaluate emerging technologies, tools, and frameworks Oversee workflows, connectors, and automations built in GRC and Engineering platforms such as ServiceNow IRM, LogicGate, OneTrust, Jira and others Establish a consistent metrics pipeline to enable data-driven decision-making by executives and security leadership Partner with engineering and analytics teams to leverage platforms such as Tableau, Power BI, or Looker for visualization and reporting Act as the bridge between GRC, Internal Audit, Engineering and Security ensuring strong integration across teams Collaborate with DevSecOps engineers to embed security control validation into CI/CD pipelines and engineering workflows Partner with AI/ML-focused engineers to leverage emerging capabilities for risk scoring, document summarization, and control classification Set performance goals, foster technical excellence, and build a high-performing engineering culture within GRC Influence resource allocation, priorities, and staffing plans to support evolving GRC and security objectives Job Designation
Hybrid:
Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation) Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position\'s job designation depending on business needs and as permitted by local law. What you bring
Basic
8+ years of experience in information security, GRC, or security engineering, with 5+ years in a leadership role Bachelor’s or Master’s degree in Computer Science, Computer Engineering, Software Engineering Relevant certifications such as CISM, CISSP, CCSP, or equivalent Experience building GRC engineering capabilities, including automation, evidence connectors, dashboards, and policy workflows Experience with GRC platforms (e.g., ServiceNow GRC, LogicGate, OneTrust) and their integrations into enterprise environments Experience with modern cloud and SaaS security models (AWS, GCP, Azure) and evidence automation using APIs/SDKs Experience with DevSecOps practices, CI/CD integrations, and security control validation pipelines Proven ability to define strategic roadmaps, lead cross-functional programs, and deliver measurable business outcomes Preferred
Excellent stakeholder management skills, able to partner with engineering, security, compliance, and product teams Excellent documentation and reporting skills Excellent collaboration and communication management skills across technical and non-technical audiences Hands-on familiarity with evidence automation scripting (Python, REST APIs, SDK integrations) Experience with metrics visualization tools such as Tableau, Power BI, or Looker Exposure to AI/ML solutions for GRC, including document summarization, LLM copilots, or automated control mapping Wage Transparency
Pay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience. Based on applicable legislation, the below details pay ranges in the following locations: California: $177,900.00 - $287,425.00 base salary Illinois, Colorado, Massachusetts and Minnesota: $170,900.00 - $241,400.00 base salary Washington, Maryland, New Jersey and New York (including NYC metro area): $170,900.00 - $251,325.00 base salary This Role Is Also Eligible For The Following
Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance. Stock: This role is eligible to receive Restricted Stock Units (RSUs). Benefits
Global benefits provide options for the following: Paid Time Off: earned time off, as well as paid company holidays based on region Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment Retirement Plans: select retirement and pension programs with potential for employer contributions Learning and Development: options for coaching, online courses and education reimbursements Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events Equal Opportunity
Equal Opportunity Employer: Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, veteran or military status, or any other legally protected category. EEO Know Your Rights poster States Not Eligible for Employment: This position is not eligible for employment in the following states: Alaska, Hawaii, Maine, Mississippi, North Dakota, South Dakota, Vermont, West Virginia and Wyoming. Seniority level
Mid-Senior level Employment type
Contract Job function
Engineering and Information Technology Industries Software Development
#J-18808-Ljbffr