Sr. Data Security Engineer

Location: Seattle, Washington; Chicago, Illinois

Department: Security

Work Mode: Hybrid

About the Role

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate business processes and simplify lives through intelligent agreement management. As the #1 company in e-signature and contract lifecycle management (CLM), we unleash business-critical data trapped in documents, connecting it to systems of record to drive efficiency and innovation. We are seeking a talented and proactive Sr. Data Security Engineer to join our Security team as an individual contributor reporting to the Sr. Director of AI & Data Security. In this hybrid role (minimum 2 days per week in-office), you will implement and guide best practices across our Data Security strategy, designing and deploying technical controls like data encryption, DLP, and DSPM to protect company and customer data in our global e-signature platform. You will collaborate with engineering, product, and security teams to embed secure data practices into the software development lifecycle, ensuring compliance and alignment with business goals in a fast-paced innovation culture. Key responsibilities include engineering DLP controls to prevent data exfiltration, operationalizing DSPM for cloud risk mitigation, conducting threat modeling for data flows, and automating security insights to scale protections for Intelligent Agreement Management. You will translate risks into business impact, influence stakeholders, and drive guardrails that safeguard sensitive agreements while enabling DocuSign's mission to make the world more agreeable. This position offers a competitive salary ($151,200 - $222,450 based on location), RSUs, bonus potential, comprehensive benefits, and a diverse, inclusive environment where your contributions fuel global impact. Docusign is an Equal Opportunity Employer committed to building trust and innovation.

Key Responsibilities

• Implement and guide best practices across DocuSign's Data Security strategy, ensuring confidentiality, integrity, and availability of sensitive agreement data
• Design, deploy, and maintain data encryption standards and solutions for data in transit and at rest, managing Key Management Systems (KMS) and PKI infrastructure
• Engineer and manage Data Loss Prevention (DLP) controls across endpoints, networks, and cloud environments to prevent unauthorized exfiltration of e-signature and customer data
• Implement and operationalize Data Security Posture Management (DSPM) tools to identify, classify, and mitigate risks in cloud data stores powering Intelligent Agreement Management
• Collaborate with engineering, product, and security teams to integrate data security into the software development lifecycle (SDL) and CI/CD pipelines
• Conduct technical risk assessments and threat modeling for data storage, processing, and transmission in DocuSign's global platform
• Develop and enforce technical guardrails, policies for data handling, access control, and classification aligned with business objectives
• Monitor, detect, and respond to data security incidents in coordination with detection and response teams
• Translate technical data security risks into business impact, communicating recommendations to technical and non-technical stakeholders
• Drive automation of security controls to support DocuSign's innovation culture and scalable e-signature solutions
• Ensure compliance with global data protection standards to protect over 1.5 million customers' agreements

Required Qualifications

• 8+ years of experience in security engineering, with a focus on data security, application security, or infrastructure security
• Hands-on experience with data encryption standards, protocols (TLS, AES), and key management lifecycles
• Proven experience implementing and managing Data Loss Prevention (DLP) technologies such as Netskope, Zscaler, or Symantec
• Deep experience with Cloud Data Security and DSPM tools across AWS, Azure, and GCP
• Proficiency in programming or scripting languages such as Python, Go, or Java for automation and security tooling
• Strong background in data governance, data classification, and secure data handling practices
• Demonstrated ability to operationalize security controls in complex, enterprise-scale environments

Preferred Qualifications

• Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field
• Relevant certifications such as CISSP, CCSP, CISM, CDPSE, or equivalent
• Knowledge of regulations and standards including GDPR, CCPA, NIST, and ISO 27001 applied to data protection
• Experience with database security, activity monitoring, and access controls
• Familiarity with Infrastructure as Code (IaC) and securing CI/CD pipelines
• Track record of driving automation strategies and data-driven security insights

Required Skills

• Data encryption (TLS, AES) and key management
• DLP technologies (Netskope, Zscaler, Symantec)
• Cloud Data Security and DSPM (AWS, Azure, GCP)
• Programming/scripting (Python, Go, Java)
• Data governance and classification
• Threat modeling and risk assessments
• CI/CD pipeline security and IaC
• Database security and access controls
• Incident detection and response
• Automation and scripting for security tooling
• Cross-functional collaboration
• Stakeholder communication (technical/non-technical)
• Regulatory knowledge (GDPR, CCPA, NIST, ISO 27001)
• Data-driven security insights
• Operationalizing controls in enterprise environments
• Problem-solving in complex cloud infrastructures

Benefits

• Competitive base salary ranging from $151,200 - $222,450 based on location and experience
• Company bonus plan calculated as a percentage of eligible wages tied to performance
• Restricted Stock Units (RSUs) eligibility
• Paid Time Off including earned time off and company holidays
• Paid Parental Leave up to six months for birth, adoption, or foster care
• Comprehensive Health Benefits Plans with 100% employer-paid options from day one
• Retirement Plans with potential employer contributions
• Learning and Development opportunities including coaching, online courses, and education reimbursements
• Compassionate Care Leave for life-changing events

DocuSign is an Equal Opportunity Employer.