Sr. Product Manager - Data Security, Strategy and Implementation

Location: San Francisco, California; Seattle, Washington

Department: Security

Work Mode: Hybrid

About the Role

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign's Intelligent Agreement Management platform to accelerate business processes and simplify lives. As the #1 company in e-signature and contract lifecycle management (CLM), Docusign unleashes business-critical data trapped in documents, connecting it to systems of record to drive efficiency and opportunity. We're seeking a Sr. Product Manager, Data Security Strategy and Implementation to shape the future of secure agreement management. As a key member of our AI & Data Security team, you will spearhead DocuSign's comprehensive Data Security Strategy as a product-focused individual contributor reporting to the Sr. Director of AI & Data Security. Working across Security, Product, Engineering, Legal, IT, and Compliance teams, you will establish and mature governance strategies for all company and customer data powering our e-signature and CLM platforms. You will ensure proper data handling, classification, secure access, and establish security standards enabling safe data usage in internal tools and customer-facing products while supporting AI security programs securing development pipelines and enabling safe AI adoption within our innovation culture. In this high-impact role, you will develop and execute our overarching data security strategy aligned with business objectives and digital transformation initiatives. Partnering with cross-functional leaders, you will operationalize governance guardrails for data lifecycle management, embed secure-by-design principles into data platforms and agreement workflows, and translate technical risks into actionable business recommendations. Defining measurable success criteria and executive reporting, you will drive continuous improvement ensuring our products meet internal standards, industry frameworks (NIST CSF, ISO 27001, SOC 2, FedRAMP), and regulatory requirements. This hybrid role requires minimum 2 days per week in-office collaboration. DocuSign is committed to building trust through equal opportunity, open idea exchange, and doing what's right every day. Join us to safeguard the world's most critical agreements while advancing secure AI innovation at the forefront of intelligent agreement management.

Key Responsibilities

• Develop and execute DocuSign's comprehensive data security and governance strategy, including AI/ML security requirements aligned with intelligent agreement management objectives
• Spearhead initiatives establishing governance and security standards for company and customer data across e-signature platforms and internal tools
• Operationalize data handling, classification, secure access controls, and AI/ML adoption guardrails ensuring compliance and safety organization-wide
• Partner with Product, Engineering, Security, Legal, IT, and Compliance teams to embed secure-by-design principles into data platforms and agreement workflows
• Drive data security programs ensuring best practices, resilience, and regulatory compliance for all data collection, storage, processing, and intelligent agreement analytics
• Define, deliver, and continuously evolve data security best practices across the complete data lifecycle
• Translate complex technical risks into business impact, providing executive recommendations and trade-off analysis
• Collaborate with AI & Data Security engineers and cross-functional leaders to secure AI development pipelines and enable safe AI tool adoption
• Establish measurable success criteria, security KPIs, and executive reporting frameworks demonstrating program effectiveness
• Ensure DocuSign products and data processes meet internal standards, industry frameworks, and regulatory requirements including FedRAMP and SOC 2
• Bridge program delivery, risk management, and emerging data security practices supporting DocuSign's innovation culture

Required Qualifications

• 8+ years in data security, data governance, or related security disciplines, with demonstrated exposure to AI security
• Bachelor’s degree in computer science, data science, cybersecurity, risk management, or a related technical field
• Experience leading or managing enterprise-wide data security and governance programs at scale
• Proven experience with product security including secure development lifecycle, CI/CD best practices, data and AI/ML risks, secure coding, and software supply chain risk mitigation
• Hands-on experience with enterprise security including risk mitigation and governance of data across business workflows and platforms (CRM, ERP, HRM, etc.)
• Deep experience addressing data security threats (data leakage, unauthorized access, exfiltration) and AI/ML malicious use threats, collaborating with threat intelligence, CSIRT, PSIRT, Product, and Engineering teams
• Experience implementing data governance frameworks and security best practices including IAM, attack surface management, and data loss prevention
• Track record defining security KPIs, metrics pipelines, and executive reporting frameworks

Preferred Qualifications

• Master’s degree or higher in a relevant technical field
• Professional certifications: CISM, CRISC, CISSP, CCSP, or equivalent
• Familiarity with attack surface monitoring, supply chain security, and continuous control validation
• Experience driving automation strategies, predictive analytics, and data-driven security insights
• Knowledge of security frameworks including NIST CSF, NIST AI RMF, ISO 27001, ISO 42001, FAIR, SOC 2, and FedRAMP
• Excellent stakeholder management across technical and executive audiences with proven cross-functional leadership

Required Skills

• Data security strategy and governance
• AI/ML security and risk management
• Secure development lifecycle (SDLC)
• CI/CD security best practices
• Software supply chain security
• Identity and Access Management (IAM)
• Data Loss Prevention (DLP)
• Attack surface management
• Threat intelligence analysis
• Security metrics and KPI development
• Cross-functional stakeholder management
• Executive communication and presentation
• Risk translation to business impact
• NIST CSF, ISO 27001, SOC 2 frameworks
• Regulatory compliance (FedRAMP, GDPR)
• Product security program management
• Automation and predictive analytics
• Agile product management methodologies

Benefits

• Competitive base salary: $140,000 - $225,075 (California) plus performance bonus
• Restricted Stock Units (RSUs) equity grants
• Comprehensive health benefits with 100% employer-paid options from day one
• Generous Paid Time Off plus paid company holidays
• Up to 6 months Paid Parental Leave
• Retirement plans with employer contributions
• Learning & Development with coaching, online courses, and education reimbursement
• Compassionate Care Leave for life-changing events

DocuSign is an Equal Opportunity Employer.