Information Security Risk Manager

Docusign, Inc. Shoreline, WA
Information Security Risk Manager

IT, InfoSec & Business Operations | Seattle, Washington

Build IT & InfoSec solutions that deliver secure, seamless, experiences for people – internally and externally – using our products 24/7 around the world.

Position Summary

DocuSign is seeking a passionate, dynamic, and eager to learn Information Security professional to join our team. This is a unique opportunity to work with everything security of a best-in-class, cloud-based platform on which DocuSign, customer, and partner applications run.

In this dynamic and fast paced role as Risk Manager you will be responsible for driving risk treatment across all business lines of the company. Your background in numerous information security domains will allow you to contribute to helping the business manage its risks. Your experience in the risk space will enable you to build and foster relationships and to teach others how to manage risk. Your demonstrated ability to communicate complex security topics to technical, business, and executive audiences will shape how we protect DocuSign's employees, customers, and brand in the face cyber threats. You will also have a secondary responsibility to assess designs, architectures, and processes.

This position is an Individual Contributor role reporting to the Senior Director of Information Security Consulting and Risk Management

Responsibilities:

Act as information security risk analyst and consultant to all business lines of the organization.

Communicate information security risk through documentation, conversation, and presentations with an objective of driving awareness and informed decision making.

Evangelize and mentor internal audiences on information security principles and risk management.

Build, enhance, and document processes to facilitate more efficient engagement with, utilization of, and incorporation into existing information security programs and capabilities.

Assist in presenting various aspects of the information security risk management program to customers, prospects, auditors, and internal teams.

Perform or assist with threat models, risk assessments, security reviews, vulnerability management, compliance audits, and/or control frameworks.

Assess technical designs, project plans, and proposed initiatives against our security principles; and work to ensure they are addressed with minimal business impact, and that risk is identified and documented.

Develop and document information security standards, guidelines, and tools that enable business and systems owners to apply good security in their environments.

Help maintain, manage, and constantly improve DocuSign’s Risk Management process.

Basic Qualifications:

10+ years of industry experience including 5 or more years experience in Information Security Risk Management is preferred,

5+ years in any technical role (e.g. information technology, software engineering, system administration, solution architecture, network engineering, etc.) is required. Additional technical or security experience is beneficial.

Ability to communicate to technical, business, and executive audiences both verbally and in writing.

Preferred Qualifications

Excellent logical and structured ability to effectively understand and decompose business needs, goals, and objectives into tangible requirements, solutions, and alternatives.

Ability to communicate to technical, business, and executive audiences in verbal and written formats.

Will require travel up to as much as 20%.

May require occasional work at off hours.

CISSP, CISA, CISM, CRISC or other industry certifications are a plus.

Experience with ISO27001 preferred.

IT, InfoSec & Business Operations @DocuSign

We are in the business of trust and reliability. We create, maintain and operate scalable IT & InfoSec solutions that deliver an exceptional experience for our customers – both internal and external -- who trust and rely on us. We are creating an infrastructure that scales and supports DocuSign’s ambitious vision. That requires a smart, highly collaborative team who can identify and investigate new technologies to continue to deliver and scale globally and securely.

About DocuSign

DocuSign® is changing how business gets done by empowering hundreds of thousands of companies and tens of millions of users in most countries around the world to sign, send and manage documents anytime, anywhere, on any device with confidence. DocuSign replaces printing, faxing, scanning and overnighting documents with the easiest, fastest, most trusted way to make every approval and decision digital. Organizations of all sizes and industries are accelerating contracts, approvals and workflows with DocuSign's Digital Transaction Management (DTM) platform and eSignature solution. DocuSign keeps life and business moving forward.

DocuSign is an Equal Opportunity Employer. Individuals seeking employment at DocuSign are considered without regards to race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status, or any other legally protected category.

#LI-DS1

Similar jobs you might like