Security Solutions Engineer

About The Position

Requirements

• BA/BS degree or equivalent work experience
• 5+ years of experience with security controls and compliance related to NIST and FedRAMP
• Experience with risk management frameworks, including risk ratings and the ability to contextualize data based on risk (e.g., utilizing CVSS, CVE, NVD, NIST, DoD SRG)
• Experience developing and implementing solution plans centered on integrating various security technologies and key security solutions.
• Experience automating audit evidence collection across security and compliance frameworks (e.g., FedRAMP, NIST 800-53)
• Experience with compliance and assessment of cloud native platforms and services (Data warehouse, Service Mesh, Container Images and Microservices Orchestration)

Nice To Haves

• Experience creating and utilizing reports from security monitoring tools such as Tenable, Sysdig, Splunk, Windows Defender, Log Analytics (or similar) products
• Proficient in rigorously validating that implemented security controls are fully effective and maintain strict alignment with industry-leading compliance frameworks, specifically FedRAMP, DoD Impact Level 4 (IL4)
• Experience with organizing and driving network and system penetration tests to meet regulatory requirements, such as FedRAMP, StateRAMP, CMMC, DoD IL4

Responsibilities

• Lead cross-team collaboration to deliver secure capabilities that accelerate processes and strengthen initiatives
• Partner with account executives, solution consultants, and customer success teams to help position Docusign’s public sector compliance story, respond to customer security inquiries, and guide prospective customers through risk and compliance discussions
• Lead the effort to mature the risk management process and develop playbooks and/or procedures to support technical teams on compliance initiatives
• Lead the adoption of artificial intelligence to streamline and automate audit processes
• Measure success by addressing systemic vulnerabilities and risks by working with Prod/Dev, Sec Architecture, and infrastructure teams to operationalize or mitigate known security gaps
• Drive the solution and compliance initiatives that enable Docusign to maintain federal and DoD authorizations while also supporting sales teams in communicating our security capabilities to public sector customers
• Develop and maintain System Security Plans (SSPs), ATO package deliverables, and compliance artifacts to ensure successful submissions, annual assessments, and continuous monitoring

Benefits

• Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance.
• Paid Time Off: earned time off, as well as paid company holidays based on region
• Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
• Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
• Retirement Plans: select retirement and pension programs with potential for employer contributions
• Learning and Development: options for coaching, online courses and education reimbursements
• Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events