Logo
Docusign

Director, Product Security

Docusign, Seattle

Save Job

Join to apply for the Director, Product Security role at Docusign .

Get AI-powered advice on this job and more exclusive features.

Company Overview

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people’s lives. With intelligent agreement management, Docusign unleashes business-critical data trapped inside documents, which were previously disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign’s Intelligent Agreement Management platform, companies can create, commit, and manage agreements, leading in e-signature and contract lifecycle management (CLM).

What you'll do

The Director of Product Security leads a team of technical security professionals to secure Docusign products. The role focuses on ensuring secure and scalable product development, enabling developers to ship secure code, and integrating security into the entire product lifecycle.

Responsibilities

  1. Own and execute the vision for Product Security, including capabilities in SDLC, Security Champions, Bug Bounty, Penetration Testing, and Security Reporting.
  2. Maintain a secure software development lifecycle, partnering with engineering to shift-left, reduce risk, and improve developer satisfaction.
  3. Identify opportunities for continuous improvement in Product Security and shift-left strategies.
  4. Expand and develop a team of application and product security professionals.
  5. Review and oversee CI/CD pipelines, build, and release systems.
  6. Participate in threat modeling programs for risk management and development priorities.
  7. Develop Application Security scorecards to drive action and reduce organizational risk.
  8. Oversee software craftsmanship, security, availability, resilience, and scalability of solutions.
  9. Set risk management guidelines and partner with stakeholders to implement key initiatives.
  10. Lead projects, encourage innovation, and promote continuous learning within engineering teams.
  11. Manage resources and budgets for strategic security initiatives.
  12. Oversee security tools to improve usability and customer satisfaction.
  13. Develop strategies for implementing application security controls within Lines of Business.
  14. Contribute to broader security practices, offering guidance on service execution, developer enablement, and remediation.

Job Designation

Hybrid: Employees split time between in-office and remote work, with a minimum of 2 days/week in-office.

What you bring

Basic

  • Bachelor's Degree in technology or related fields, or equivalent experience in Security and Risk Management.
  • Minimum 12 years in Cyber Security, Information Security, or Application Security and Architecture.
  • At least 5 years in people management.
  • Proven success leading technical teams and communicating across organizational levels.
  • Experience in developing product security capabilities for SDLC with usability and risk reduction.

Preferred

  • Strong coaching, prioritization, and strategic impact skills.
  • Commitment to talent development and training.
  • Knowledge of industry standards like OWASP, HIPAA, HITRUST, ISO 27001, NIST 800-53, PCI-DSS.
  • Experience securing cloud applications.
  • Leadership in prioritization, trade-offs, and long-term program growth.
  • Excellent communication skills.
  • Leadership qualities of integrity, trust, and clarity.
  • Experience with development environments like .NET Core, Java, or NodeJS.

Wage Transparency

Salary varies based on location, experience, and skills. For example, in California, the range is $202,800 - $327,625. Other locations have different ranges.

#J-18808-Ljbffr