Sr. IAM Security Engineer

Location: Bengaluru, India

Department: Security

Work Mode: Hybrid

About the Role

DocuSign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use DocuSign solutions to accelerate business processes and simplify lives through intelligent agreement management. As the #1 company in e-signature and contract lifecycle management (CLM), we unleash business-critical data trapped in documents, connecting it to CRM, ERP, and other systems. Join our innovative culture where trust, equality, and cutting-edge security drive us to make the world more agreeable. The Senior IAM Security Engineer will drive implementation of DocuSign’s enterprise-wide identity and access management (IAM) strategy. Joining a small, high-impact IAM team within Security, you’ll serve as the hub in our hub-and-spoke model—setting policies, standards, and best practices while partnering with IT, Engineering, Product, and other teams for enterprise-wide execution. This individual contributor role reports to the Sr. Manager, IAM, and focuses on aligning IAM with digital transformation, AI/ML innovations, and our core e-signature platform security. You’ll execute IAM strategies that safeguard user accounts, permissions, and workflows across global operations; operationalize governance for compliant, scalable access; and embed security features directly into DocuSign products. Drive automation to eliminate errors, optimize efficiencies, and deliver data-driven insights via KPIs and executive reports. Translate complex risks into business terms, ensuring we meet NIST, ISO, SOC 2, FedRAMP, and internal standards while fostering collaboration in our dynamic, product-driven environment. This hybrid role requires minimum 2 days per week in-office (location-specific). At DocuSign, we’re committed to trust, equality, and employee success—offering competitive pay, unlimited PTO, stock options, wellness benefits, and a culture where your work powers global innovation in agreement management.

Key Responsibilities

• Execute DocuSign’s enterprise-wide IAM strategy and standards, aligning with business objectives, digital transformation, and intelligent agreement management security requirements
• Contribute to a high-performing IAM team focused on measurable outcomes, continuous improvement, and innovation in e-signature security
• Define, deliver, and evolve IAM best practices across DocuSign’s hub-and-spoke model
• Collaborate with cross-functional teams (IT, Engineering, Product) to implement secure user account management, tailored access policies, and control validations
• Operationalize IAM governance and guardrails to ensure compliant use in agreement management and global operations
• Drive automation to minimize human error, scale efficiencies, and optimize IAM workflows for 1.5M+ customers
• Embed IAM best practices into DocuSign products, enhancing security in e-signature and contract lifecycle management (CLM)
• Translate technical IAM risks and opportunities into business impact for executive stakeholders
• Ensure IAM practices meet internal standards, industry frameworks, and regulations like SOC 2 and FedRAMP
• Define success metrics, build reporting pipelines, and deliver insights to leadership on IAM program efficacy

Required Qualifications

• 8+ years of experience in identity and access management (IAM) or related security disciplines
• Bachelor’s degree in computer science, data science, cybersecurity, risk management, artificial intelligence, machine learning, or a related technical field
• Proven experience contributing to enterprise IAM programs with measurable impact
• Strong understanding of enterprise security, including risk mitigation and governance of IAM issues related to business processes, AI/ML, CRM, ERP, HRM, and e-signature workflows
• Working knowledge of IAM-related threats and experience collaborating with threat intelligence, CSIRT, PSIRT, Product, and Engineering teams
• Substantive experience in data governance and security, including frameworks for IAM, attack surface management, and data loss prevention
• Experience defining security KPIs, metrics pipelines, and executive reporting frameworks

Preferred Qualifications

• Certifications such as CISM, CRISC, CISSP, CCSP, CAIP, or equivalent
• Familiarity with attack surface monitoring, supply chain security, and continuous control validation
• Experience driving automation strategies, predictive analytics, and data-driven insights in IAM
• Knowledge of frameworks including NIST CSF, NIST AI RMF, ISO 27001, ISO 42001, FAIR, SOC 2, and FedRAMP
• Demonstrated success embedding IAM best practices into SaaS products like e-signature and CLM platforms

Required Skills

• Enterprise IAM strategy and implementation
• Risk mitigation and governance for IAM
• Threat intelligence and incident response collaboration
• Data governance frameworks and DLP
• Security metrics, KPIs, and executive reporting
• Automation scripting and workflow optimization
• Knowledge of NIST, ISO, FAIR, SOC 2, FedRAMP
• AI/ML security risks in business workflows
• Attack surface management and supply chain security
• Stakeholder management across technical and business teams
• Cross-functional collaboration with Product, Engineering, IT
• Clear communication for non-technical audiences
• Predictive analytics and data-driven IAM insights
• SaaS security best practices for e-signature platforms
• Continuous control validation and monitoring

Benefits

• Competitive base salary and performance-based bonuses
• Comprehensive health, dental, and vision insurance
• 401(k) matching and employee stock purchase plan
• Unlimited PTO and flexible hybrid work model (minimum 2 days/week in-office)
• Professional development stipend and tuition reimbursement
• Wellness programs including mental health support and fitness reimbursements
• Parental leave and family-forming benefits
• Volunteer time off and community impact programs
• DocuSign stock options to share in our growth

DocuSign is an Equal Opportunity Employer.