Docusign
Overview
Docusign is hiring a Security GRC Engineer to design, build, and scale the next generation of automation-first GRC solutions. This is a high impact, hands-on technical role for engineers who are passionate about solving complex problems at the intersection of security, risk and technology. You will transform traditional governance, risk, and compliance processes into intelligent, data-driven, and automated systems, integrating across enterprise GRC platforms, cloud services, and data pipelines — applying modern automation and AI/ML techniques to enhance security outcomes, reduce audit fatigue, and enable continuous control monitoring. The ideal candidate has strong technical expertise in security engineering, automation, and cloud platforms, with the ability to translate compliance and risk requirements into scalable, engineering-driven solutions. This role provides an opportunity to help shape how GRC is delivered across the enterprise, working closely with engineering, security, and business teams. This is an individual contributor role reporting to the Senior Manager of GRC Engineering. Responsibilities
Design and implement automation frameworks that connect GRC platforms, cloud services, and enterprise data systems to enable continuous control monitoring Develop and deploy AI/ML-enabled solutions for risk scoring, control validation, evidence collection, and anomaly detection in compliance data Build dashboards and data pipelines that integrate metrics across multiple systems to provide actionable insights for risk and compliance teams Engineer scalable automation and orchestration workflows to enforce policies, detect configuration drift, and remediate non-compliant systems at scale Extend and enhance enterprise GRC platforms (e.g., ServiceNow, OneTrust) through custom workflows, connectors, and APIs Use scripting, orchestration, and data engineering (Python, C#, SQL, Docker, Kubernetes) to deliver reliable, scalable solutions Evaluate and integrate emerging technologies (e.g., generative AI, NLP, graph analytics) to improve GRC outcomes and efficiency Partner with engineering, security, compliance, and audit teams to translate requirements into scalable technical solutions Operate GRC processes and tools as products, ensuring continuous value delivery and measurable impact Champion automation-first GRC practices that reduce audit fatigue and operational overhead Qualifications
Basic
5+ years of experience in Information Security, with significant focus on GRC engineering and automation University degree in Computer Science, Information Systems, or related field One or more of these certifications: CISM, CISA, CISSP, CEH, CompTIA Security+, AWS/Azure Security Experience designing and deploying scalable automated processes via orchestration or automation tools to streamline GRC processes (control testing, evidence collection and analysis) Experience with programming and orchestration (Python, C#, SQL, Container Orchestration Services including Docker and Kubernetes) Experience integrating security/compliance tooling with cloud environments (Azure, AWS, GCP) Experience with data engineering and building scalable reporting pipelines Preferred
Strong cross-functional collaboration, communication, and technical leadership skills Solid understanding of information security concepts, processes, controls and tools Experience with new AI technologies (agents/agentic workflows, LLM APIs, etc) Experience with securely implementing AI/ML architecture and platforms in the enterprise Familiarity with AI governance and risk management frameworks (NIST AI RMF, ISO 42001) Knowledge of regulations and standards including PCI-DSS, ISO 27001, OWASP, and NIST Cybersecurity frameworks Wage Transparency
Pay for this position is based on location and may vary with job-related knowledge, skills, and experience. California: 128,400.00 - 200,200.00 base salary; Illinois, Colorado, Massachusetts and Minnesota: 123,800.00 - 170,225.00; Washington, Maryland, New Jersey and New York (including NYC metro area): 123,800.00 - 176,625.00. This role is also eligible for applicable bonus and RSUs where provided. Benefits
Paid Time Off and holidays based on region Paid Parental Leave up to six months after birth/adoption/foster care Health benefits plans from day one of employment Retirement plans with employer contributions Learning and development opportunities Compassionate Care Leave for life-changing events Job Designation
Hybrid: Employee splits time between in-office and remote work. In-office access is required. Frequency: minimum 2 days per week. Job designation may vary by team and business needs. What you bring
Basic
5+ years of information security experience with GRC automation University degree in CS, Information Systems, or related field Certifications: CISM, CISA, CISSP, CEH, CompTIA Security+, AWS/Azure Security Experience designing and deploying scalable automated GRC processes Experience with Python, C#, SQL, Docker, Kubernetes Experience integrating tooling with Azure, AWS, or GCP Experience with data engineering and scalable reporting Preferred
Strong cross-functional collaboration and technical leadership Solid understanding of security concepts, controls, and tools Experience with AI technologies and AI governance Familiarity with PCI-DSS, ISO 27001, OWASP, NIST cyber risk frameworks EEO and Accommodation
Equity and opportunity for all. Docusign is an Equal Opportunity Employer. Accommodation requests: accommodations@docusign.com. If you experience issues with the application process, contact taops@docusign.com. This position may be subject to state eligibility restrictions where applicable.
#J-18808-Ljbffr
Docusign is hiring a Security GRC Engineer to design, build, and scale the next generation of automation-first GRC solutions. This is a high impact, hands-on technical role for engineers who are passionate about solving complex problems at the intersection of security, risk and technology. You will transform traditional governance, risk, and compliance processes into intelligent, data-driven, and automated systems, integrating across enterprise GRC platforms, cloud services, and data pipelines — applying modern automation and AI/ML techniques to enhance security outcomes, reduce audit fatigue, and enable continuous control monitoring. The ideal candidate has strong technical expertise in security engineering, automation, and cloud platforms, with the ability to translate compliance and risk requirements into scalable, engineering-driven solutions. This role provides an opportunity to help shape how GRC is delivered across the enterprise, working closely with engineering, security, and business teams. This is an individual contributor role reporting to the Senior Manager of GRC Engineering. Responsibilities
Design and implement automation frameworks that connect GRC platforms, cloud services, and enterprise data systems to enable continuous control monitoring Develop and deploy AI/ML-enabled solutions for risk scoring, control validation, evidence collection, and anomaly detection in compliance data Build dashboards and data pipelines that integrate metrics across multiple systems to provide actionable insights for risk and compliance teams Engineer scalable automation and orchestration workflows to enforce policies, detect configuration drift, and remediate non-compliant systems at scale Extend and enhance enterprise GRC platforms (e.g., ServiceNow, OneTrust) through custom workflows, connectors, and APIs Use scripting, orchestration, and data engineering (Python, C#, SQL, Docker, Kubernetes) to deliver reliable, scalable solutions Evaluate and integrate emerging technologies (e.g., generative AI, NLP, graph analytics) to improve GRC outcomes and efficiency Partner with engineering, security, compliance, and audit teams to translate requirements into scalable technical solutions Operate GRC processes and tools as products, ensuring continuous value delivery and measurable impact Champion automation-first GRC practices that reduce audit fatigue and operational overhead Qualifications
Basic
5+ years of experience in Information Security, with significant focus on GRC engineering and automation University degree in Computer Science, Information Systems, or related field One or more of these certifications: CISM, CISA, CISSP, CEH, CompTIA Security+, AWS/Azure Security Experience designing and deploying scalable automated processes via orchestration or automation tools to streamline GRC processes (control testing, evidence collection and analysis) Experience with programming and orchestration (Python, C#, SQL, Container Orchestration Services including Docker and Kubernetes) Experience integrating security/compliance tooling with cloud environments (Azure, AWS, GCP) Experience with data engineering and building scalable reporting pipelines Preferred
Strong cross-functional collaboration, communication, and technical leadership skills Solid understanding of information security concepts, processes, controls and tools Experience with new AI technologies (agents/agentic workflows, LLM APIs, etc) Experience with securely implementing AI/ML architecture and platforms in the enterprise Familiarity with AI governance and risk management frameworks (NIST AI RMF, ISO 42001) Knowledge of regulations and standards including PCI-DSS, ISO 27001, OWASP, and NIST Cybersecurity frameworks Wage Transparency
Pay for this position is based on location and may vary with job-related knowledge, skills, and experience. California: 128,400.00 - 200,200.00 base salary; Illinois, Colorado, Massachusetts and Minnesota: 123,800.00 - 170,225.00; Washington, Maryland, New Jersey and New York (including NYC metro area): 123,800.00 - 176,625.00. This role is also eligible for applicable bonus and RSUs where provided. Benefits
Paid Time Off and holidays based on region Paid Parental Leave up to six months after birth/adoption/foster care Health benefits plans from day one of employment Retirement plans with employer contributions Learning and development opportunities Compassionate Care Leave for life-changing events Job Designation
Hybrid: Employee splits time between in-office and remote work. In-office access is required. Frequency: minimum 2 days per week. Job designation may vary by team and business needs. What you bring
Basic
5+ years of information security experience with GRC automation University degree in CS, Information Systems, or related field Certifications: CISM, CISA, CISSP, CEH, CompTIA Security+, AWS/Azure Security Experience designing and deploying scalable automated GRC processes Experience with Python, C#, SQL, Docker, Kubernetes Experience integrating tooling with Azure, AWS, or GCP Experience with data engineering and scalable reporting Preferred
Strong cross-functional collaboration and technical leadership Solid understanding of security concepts, controls, and tools Experience with AI technologies and AI governance Familiarity with PCI-DSS, ISO 27001, OWASP, NIST cyber risk frameworks EEO and Accommodation
Equity and opportunity for all. Docusign is an Equal Opportunity Employer. Accommodation requests: accommodations@docusign.com. If you experience issues with the application process, contact taops@docusign.com. This position may be subject to state eligibility restrictions where applicable.
#J-18808-Ljbffr