Docusign · 14 hours ago
Technical Security Governance Manager
Docusign brings agreements to life, serving over 1.5 million customers globally. The Technical Security Governance Manager will evolve the governance model from policy-driven to technically prescriptive, ensuring security policies and controls are effective and implementable.
Business Process Automation (BPA), Cloud Management, Computer, E-Signature, Information Technology, SaaS, Software
Responsibilities
Support the development, maintenance, and refinement of enterprise-wide security policies, standards, and control objectives
Contribute to aligning policies with frameworks (e.g., ISO, SOC 2, NIST, PCI, FedRAMP) and regulatory requirements
Assist in keeping security policies and standards current, practical, and risk-aligned
Define and document controls with both policy and technical input, ensuring they are implementable and measurable
Partner with engineering to help embed controls into systems, CI/CD pipelines, and operational processes
Support policy education and adoption programs to drive awareness and compliance across the organization
Help design processes that integrate policy-driven controls into engineering ways of working
Collaborate with compliance and risk teams to track and monitor control effectiveness
Utilize technical tooling (e.g., GRC systems, automation dashboards) to provide visibility into control implementation
Participate in technical assurance efforts to identify implementation gaps before they become audit findings
Qualifications
Required
5+ years of experience in security governance, GRC, or security engineering, with at least 3 years in a technical security role
University degree in Computer Science, Information Systems, or related field, or equivalent work experience
Knowledge of security frameworks and standards (e.g., ISO 27001, SOC 2, NIST CSF, PCI DSS, FedRAMP)
Experience helping define and embed security controls into engineering workflows, CI/CD pipelines, or infrastructure
Familiarity with security tooling, GRC platforms, and automation frameworks
Preferred
One or more certifications such as Security+, CISA, CISM, or CISSP
Experience working in cloud environments (AWS, GCP, Azure) with exposure to infrastructure-as-code practices
Understanding of DevSecOps, security automation, and control validation techniques
Experience supporting cross-functional initiatives involving engineering, compliance, and product teams
Proactive, demonstrated self-starter, open to learning new security topics, flexible and organized
Strong collaboration and communication skills with both technical and non-technical audiences
Solid documentation and reporting abilities
Strong understanding of information security concepts, processes, and controls
Benefits
Paid Time Off: earned time off, as well as paid company holidays based on region
Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
Retirement Plans: select retirement and pension programs with potential for employer contributions
Learning and Development: options for coaching, online courses and education reimbursements
Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events
Company
Docusign
DocuSign helps small- and medium-sized businesses collect information, automate data workflows, and sign on various devices.
Funding
Current Stage: Public Company
Total Funding: $1.29B
Key Investors: Bank of America, Founders Circle Capital, Greenspring Associates
2025-05-27: Post-IPO Debt · $750M
2018-04-27: IPO
2016-10-12: Secondary Market
Company data provided by crunchbase