Sr. Manager, CSIRT jobs in United States
cer-icon
Apply on Employer Site
company-logo

Docusign · 3 hours ago

Sr. Manager, CSIRT

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level, Lead/Staff
money$158K/yr - $254K/yr
date8+ years exp

Docusign is a leading company in e-signature and contract lifecycle management, seeking an experienced CSIRT Manager to join their global security team. This role will be responsible for leading security incident response efforts, ensuring efficient alerting, and conducting in-depth investigations to protect the organization from cyber threats.

Business Process Automation (BPA)Cloud ManagementComputerE-SignatureInformation TechnologySaaSSoftware
check
H1B Sponsor Likelynote

Responsibilities

Act as Incident Commander for all security issues across the enterprise
Lead the incident response team in identifying, analyzing, and resolving cybersecurity incidents
Coordinate with stakeholders for timely and effective resolution
Develop and maintain incident response plans, playbooks, and SOPs
Manage on-call rotation
Communicate clearly with senior management and external stakeholders during and post-incident
Prepare detailed incident reports with post-incident analysis and recommendations
Collaborate with other cybersecurity teams to improve detection rules, refine security policies, and enhance overall security posture
Maintain working relationships with law enforcement when required
Analyze security monitoring alerts and respond to cybersecurity incidents
Serve as a subject matter expert who defines visibility and response requirements
Perform forensic analysis on data and endpoints
Lead complex investigations into advanced cyber threats, including malware outbreaks, targeted attacks, and persistent threats
Conduct thorough investigations to determine root cause and impact of incidents
Use threat intelligence and advanced analytics to identify and address potential threats
Implement and oversee remediation measures to prevent recurrence
Hunt for hidden threats within enterprise networks proactively using threat intelligence and behavioral analytics
Partner with Detection Engineering to refine threat detection rules to improve SOC visibility
Create automation solutions for expedient response and effective detection
Automate incident and remediation reports, leveraging AI where possible
Drive a culture of continuous improvement
Perform root cause analysis on security incidents and recommend improvements to security controls
Stay updated on industry best practices and evolving attack techniques to ensure effective defenses

Qualification

Incident Response ManagementCybersecurity PrinciplesDigital ForensicsThreat IntelligenceSecurity Operations Center (SOC)SIEM ToolsSecurity AutomationCloud SecurityAnalytical SkillsIndustry CertificationsLeadership SkillsCommunication SkillsProblem-Solving SkillsCollaboration SkillsAttention to Detail

Required

Minimum of 8 years of experience in cybersecurity with at least 5 years in incident response (IR)
3+ years of proven experience in an IR management role, with a track record of building, mentoring, and scaling security teams
Background in Security Operations Center (SOC) operations, including incident response, and security monitoring
Experience with leveraging threat intelligence to anticipate and mitigate cyber threats, and extensive experience in digital forensics, covering evidence collection, analysis, and reporting
Experience leading global, cross-functional, and complex security incidents
Experience with data and SIEM tools (e.g., Splunk, Databricks, Sentinel)
Experience working with security automation and orchestration tools (SOAR), including how to prioritize efforts, forecast, and show cost savings
Experience with cyber threat landscape, attacker tactics, techniques, and procedures (TTPs), and frameworks such as MITRE ATT&CK
Experience with security tools and technologies such as SIEM/SOAR platforms (e.g., Splunk, Sentinel), EDR, IDS/IPS, network traffic analysis tools (e.g., Zeek, Suricata, Yara), and cloud security solutions, with an understanding of their architecture and integration
Experience managing a balance of operational and project workloads

Preferred

Bachelor's or Master's degree in Computer Science, Information Security, or Cybersecurity
Exceptional communication (written and verbal) and presentation skills, with the ability to convey technical findings and recommendations to diverse audiences, including explaining complex engineering concepts
Passion for continuous learning, operational excellence, and a proactive, adversarial mindset, with a commitment to improving response processes and outcomes
Proven ability to collaborate effectively across cross-functional teams, influence stakeholders, and drive consensus, fostering a collaborative engineering environment
Ability to work under pressure and handle multiple priorities
Strong analytical and problem-solving skills, with meticulous attention to detail and an engineering approach to root cause analysis
Industry certifications such as GCIH, GCFA, CISSP, CISM, CEH, or OSCP
Experience with cloud security (AWS, Azure, GCP)

Benefits

Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance.
Stock: This role is eligible to receive Restricted Stock Units (RSUs).
Paid Time Off: earned time off, as well as paid company holidays based on region
Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
Retirement Plans: select retirement and pension programs with potential for employer contributions
Learning and Development: options for coaching, online courses and education reimbursements
Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events

Company

Docusign

twittertwittertwitter
Glassdoor3.6
company-logo
DocuSign helps small- and medium-sized businesses collect information, automate data workflows, and sign on various devices.
dateFounded in 2003
location
San Francisco, California, USA
people-size5001-10000 employees
web-link
http://www.docusign.com

H1B Sponsorship

Docusign has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (361)
2024 (337)
2023 (236)
2022 (249)
2021 (236)
2020 (115)

Funding

Current Stage
Public Company
Total Funding
$1.29B
Key Investors
Bank of AmericaFounders Circle CapitalGreenspring Associates
2025-05-27Post Ipo Debt· $750M
2018-04-27IPO
2016-10-12Secondary Market

Leadership Team

leader-logo
Allan Thygesen
Chief Executive Officer
linkedin
leader-logo
Sagnik Nandy
Chief Technology Officer
linkedin

Recent News

The Verge
Docusign’s CEO on the dangers of trusting AI to read, and write, your contracts
2026-02-02
PR Newswire
Realtor.com® Unveils Realtor.com®+™: A First-of-Its-Kind Collaborative Home Search Experience
2026-01-22
HousingWire.com
Realtor.com launches platform to boost MLS value, collaboration
2026-01-22
Company data provided by crunchbase