Security DevOps Engineer

Location: Bengaluru, India

Department: Security

Work Mode: Hybrid

About the Role

DocuSign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use DocuSign solutions to accelerate business processes and simplify lives through intelligent agreement management, e-signature, and contract lifecycle management (CLM). As the #1 company in e-signature, DocuSign unleashes business-critical data trapped in documents, connecting it to systems of record to save time, money, and opportunity. Join our innovative culture where trust, equality, and bold ideas drive us to make the world more agreeable. As a Security DevOps Engineer on our Product Security team, you will integrate security practices and tools into the entire DocuSign Software Development Lifecycle (SDL), from planning to production and monitoring. This individual contributor role, reporting to the Director of Product Security, combines development, security, and operations to build and deploy secure, scalable software at speed—safeguarding our e-signature platform and intelligent agreement management solutions. You will collaborate with DevOps partners to fortify CI/CD pipelines, deploy security tools like SAST, DAST, and SCA, and automate cloud infrastructure using Terraform to support core security functions in a hybrid environment (minimum 2 days/week in-office). Key responsibilities include configuring gating for vulnerabilities, capturing telemetry for real-time insights, creating reusable IaC modules, implementing Policy-as-Code, and maintaining monitoring for product security tooling across Azure, AWS, and GCP. You will troubleshoot incidents, optimize pipeline performance, and document processes to empower teams. With strong scripting (Python, Bash, PowerShell), DevSecOps experience, and cloud expertise, you will help scale secure innovation at DocuSign. DocuSign is committed to building trust and equality. We ensure every team member has equal opportunity to succeed, innovate, and feel pride in work that transforms agreements worldwide. Enjoy competitive benefits, unlimited PTO, professional growth, and a collaborative culture. #LI-Hybrid #LI-VP3

Key Responsibilities

• Collaborate closely with partner DevOps teams to build and maintain robust, secure CI/CD pipelines integrated into DocuSign's Software Development Lifecycle (SDL)
• Optimally deploy and integrate security tools (e.g., SAST, DAST, SCA, Secret Scanning) within code automation pipelines
• Configure pipeline automation tasks to enforce critical gating functions for security vulnerabilities and misconfigurations
• Capture and route key logging, metrics, and telemetry from security tools to integrated data platforms for real-time analysis
• Leverage IaC tools like Terraform to automate provisioning and configuration of cloud infrastructure for product security functions
• Create reusable IaC modules and share them with partner engineering teams to promote secure infrastructure standards
• Implement Policy-as-Code frameworks to ensure infrastructure and applications adhere to DocuSign's security policies
• Establish and maintain monitoring solutions to detect, analyze, and alert on issues in product security tooling and infrastructure
• Assist in troubleshooting pipeline incidents, perform root cause analysis, and optimize performance
• Create and maintain detailed technical documentation, deployment guides, and knowledge sharing for all security components

Required Qualifications

• BS/BA degree or equivalent in Computer Science, Information Security, or relevant technology field
• 3+ years of hands-on experience in Security DevOps or DevSecOps roles
• Strong scripting skills using languages like Python, Bash, or PowerShell
• Proven experience integrating SAST, DAST, SCA, and Secret Scanning tools with rule tuning and custom checks
• Proven experience building highly scalable DevSecOps capabilities in fast-paced environments
• Strong experience with deployment automation platforms such as Azure DevOps and Jenkins
• Deep knowledge of cloud resource deployments across Azure, AWS, and GCP
• Experience in automation pipeline performance optimization and real-time telemetry systems for metrics and alerts

Preferred Qualifications

• Experience implementing container technologies like Docker and orchestration platforms like Kubernetes
• Experience with secret management solutions such as HashiCorp Vault for handling sensitive data like API keys
• Familiarity with Policy-as-Code frameworks like Open Policy Agent (OPA)
• Experience supporting e-signature and agreement management platforms in secure, high-scale environments
• Certifications such as AWS Certified DevOps Engineer, Azure DevOps Engineer, or equivalent

Required Skills

• Python, Bash, or PowerShell scripting
• SAST, DAST, SCA, and Secret Scanning tool integration
• CI/CD pipeline development and automation
• Azure DevOps, Jenkins deployment platforms
• Cloud deployments in Azure, AWS, GCP
• Terraform and Infrastructure as Code (IaC)
• Pipeline performance optimization
• Real-time telemetry, metrics, and alerting (e.g., Prometheus, Grafana)
• Policy-as-Code implementation
• Containerization with Docker and Kubernetes
• Secret management (e.g., HashiCorp Vault)
• Root cause analysis and troubleshooting
• Cross-functional communication and collaboration
• Technical documentation and knowledge sharing
• DevSecOps best practices in SDL
• Monitoring and observability tools

Benefits

• Competitive salary and equity in a leading e-signature innovator
• Comprehensive health, dental, and vision insurance
• 401(k) matching and employee stock purchase plan
• Unlimited PTO and flexible hybrid work model (minimum 2 days/week in-office)
• Professional development stipend and tuition reimbursement
• Wellness programs including mental health support and fitness reimbursements
• Parental leave and family-forming benefits
• Volunteer time off and community impact programs
• DocuSign Cares Fund for employee hardship support

DocuSign is an Equal Opportunity Employer.