Sr. Director - Security Strategy & Delivery

Location: San Francisco, California; Seattle, Washington

Department: IT Infrastructure & Operations

Work Mode: Hybrid

About the Role

DocuSign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use DocuSign solutions to accelerate business processes and simplify lives through intelligent agreement management, e-signature, and contract lifecycle management (CLM). As the #1 company in these spaces, we unleash business-critical data trapped in documents, connecting it to systems of record to drive efficiency and innovation. Join our Security leadership team as Sr. Director - Security Strategy & Delivery in IT Infrastructure & Operations, reporting to the CISO, to safeguard our platform and foster a security-first culture in a hybrid role (minimum 2 days/week in-office). In this people-manager role, you will define and execute the long-term Security strategy aligned with DocuSign's mission, translating complex threats into actionable roadmaps across product security, enterprise security, GRC, and trust domains. Lead strategic planning, oversee the PMO for flawless delivery of large-scale initiatives like compliance programs and platform deployments, and manage budgets to prioritize risk reduction in our e-signature ecosystem. Proactively scan for emerging trends, manage cross-functional dependencies with Engineering and Product teams, and drive DevSecOps innovations to embed security in Agile development. As a strategic advisor to the CISO and executives, you will deliver compelling narratives to the Board, Executive Committee, and company-wide audiences, tracking KPIs for transparency and excellence. Mentor high-performing teams, champion data-driven continuous improvement, and cultivate a culture of delivery excellence. With 15+ years in infosec or tech strategy, recent expertise in Cloud Security, Zero Trust, and Product Security, and proven leadership in global enterprises, you will ensure DocuSign remains the trusted leader in secure agreement management.

Key Responsibilities

• Define, articulate, and maintain the DocuSign Security Strategy aligned with company mission, business objectives in intelligent agreement management, and evolving threat landscape
• Lead annual and quarterly strategic planning, translating long-term vision into actionable roadmaps, OKRs, and prioritized initiatives across security pillars like product security and GRC
• Develop and manage the Security organization’s budget and resource allocation to optimize investments in e-signature security and risk reduction
• Conduct continuous environmental scanning for emerging threats, technologies, and regulations impacting DocuSign's global operations
• Oversee the Security Program Management Office (PMO), establishing standards for execution, tracking, and reporting of cross-functional initiatives
• Drive on-time, on-budget delivery of major security projects, including platform deployments and compliance for agreement management solutions
• Establish and report KPIs for strategic execution, providing transparent updates to CISO, executives, and Board
• Manage cross-functional dependencies with Engineering, IT, and Product teams to ensure alignment in Agile/DevSecOps environments
• Serve as strategic advisor to CISO, communicating risks, progress, and innovations in security for e-signature leadership
• Lead, mentor, and grow a team of program managers, fostering data-driven culture and delivery excellence

Required Qualifications

• 15+ years of progressive experience in Information Security, Technology Strategy, or a related field
• 5+ years of experience in a senior leadership role responsible for strategic planning and large-scale program/portfolio management (PMO) within a global enterprise
• Recent hands-on experience with major security domains including Cloud Security, Zero Trust, Incident Response, GRC, and Product Security
• Proven ability to translate complex security and technology concepts into clear, concise business strategy and financial plans
• Demonstrated experience leading and developing high-performing, diverse teams in fast-paced environments
• Bachelor's degree in Computer Science, Information Systems, Business Administration, or a related field

Preferred Qualifications

• Master’s degree in Computer Science, Risk Management, Business Administration, or a related advanced degree
• Relevant professional certifications such as CISSP, CISM, PMP, or SAFe
• Experience in the technology/software development industry, particularly with e-signature or agreement management platforms
• Track record of leading cultural change to foster security-first engineering practices and shift-left security in product development
• Familiarity with regulatory frameworks like SOC 2, ISO 27001, GDPR, and FedRAMP

Required Skills

• Strategic planning and roadmap development
• Program and portfolio management (PMO)
• Budgeting and financial planning for security
• Cloud Security and Zero Trust architectures
• Incident Response and GRC frameworks
• Product Security in software development
• DevSecOps and security automation in CI/CD pipelines
• Agile methodologies and Jira portfolio tools
• Regulatory compliance (SOC 2, GDPR, FedRAMP)
• Shift-left security practices
• C-suite executive communication and presentations
• Team leadership and talent development
• Cross-functional stakeholder management
• Risk analysis and threat intelligence
• Data-driven decision making
• Cultural change leadership for security-first mindset

Benefits

• Competitive base salary: California $233,300 - $373,525; WA, MD, NJ, NY $218,200 - $329,525
• Company bonus plan based on performance
• Restricted Stock Units (RSUs) eligibility
• Paid Time Off and company holidays
• Paid Parental Leave up to six months
• Comprehensive health benefits from day one
• Retirement plans with employer contributions
• Learning and development including coaching and education reimbursements
• Compassionate Care Leave for life events

DocuSign is an Equal Opportunity Employer.