Sr. Security DevOps Engineer

Location: Bengaluru, India

Department: Security

Work Mode: Hybrid

About the Role

DocuSign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use DocuSign solutions to accelerate business processes and simplify lives through intelligent agreement management, e-signature, and contract lifecycle management (CLM). As the #1 company in e-signature and CLM, DocuSign unleashes business-critical data trapped in documents, connecting it to systems of record to drive efficiency and innovation. As a Sr. Security DevOps Engineer and core member of our Product Security team, you will integrate security practices and tools into the entire DocuSign Software Development Lifecycle (SDL), from planning to production and monitoring. This individual contributor role combines development, security, and operations to build and deploy secure, scalable, reliable software at speed for our e-signature and CLM platforms. You will also support cloud infrastructure rollouts for core Product Security functions, reporting to the Director, Product Security, in our innovative, trust-building culture where equality and open idea exchange empower every team member. In this hybrid role (minimum 2 days per week in-office), you will collaborate with DevOps teams to fortify CI/CD pipelines, deploy security tools like SAST/DAST/SCA with gating, leverage Terraform for IaC, implement Policy-as-Code, and establish monitoring for real-time alerts. Your work ensures DocuSign's platforms remain secure amid rapid innovation, contributing to a world made more agreeable. Join us to feel deep pride in securing agreements that power global business.

Key Responsibilities

• Closely collaborate with partner DevOps teams to build and maintain robust, secure CI/CD pipelines for DocuSign's Intelligent Agreement Management platform
• Optimally deploy security tools (e.g., SAST, DAST, SCA, Secret Scanning) within code automation pipelines, including rule tuning and custom checks
• Configure pipeline automation tasks to perform critical gating functions for security vulnerabilities and misconfigurations
• Capture key logging, metrics, and telemetry from security tools for integrated data platforms supporting e-signature and CLM solutions
• Leverage IaC tools like Terraform to automate provisioning and configuration of cloud infrastructure for product security functions
• Create reusable IaC modules for consumption by partner engineering teams accelerating DocuSign's innovation
• Implement Policy-as-Code frameworks to ensure infrastructure and applications adhere to security policies
• Establish and maintain monitoring solutions to detect, analyze, and alert on availability and performance issues in product security tooling
• Develop and execute incident response plans for pipeline tasks and infrastructure supporting secure e-signature deployments
• Create and maintain detailed technical documentation and deployment guides for all security components

Required Qualifications

• BS/BA degree or equivalent in relevant technology and security experience
• 8+ years of experience in DevOps roles, with at least 3 years focused on Security and DevSecOps
• Strong scripting skills using languages like Python, Bash, or PowerShell
• Proven experience integrating SAST, DAST, SCA, and Secret Scanning tools, including rule tuning and custom checks
• Proven experience building highly scalable DevSecOps capabilities
• Proven experience with multiple deployment automation platforms like Azure DevOps and Jenkins
• Strong experience with cloud resource deployments across Azure, AWS, and GCP
• Deep knowledge of infrastructure as code platforms like Terraform

Preferred Qualifications

• Experience implementing container technologies like Docker and orchestration platforms like Kubernetes
• Experience implementing secret management solutions such as HashiCorp Vault
• Experience in automation pipeline performance optimization and real-time telemetry systems
• Experience defining, gathering, and presenting key performance metrics and alerts
• Excellent cross-functional communication skills with proven track record in collaborative environments

Required Skills

• Python, Bash, or PowerShell scripting
• SAST, DAST, SCA, and Secret Scanning tool integration
• CI/CD pipeline development and optimization
• Azure DevOps, Jenkins deployment automation
• Cloud deployments in Azure, AWS, GCP
• Terraform and Infrastructure as Code (IaC)
• Policy-as-Code implementation
• Container technologies (Docker)
• Kubernetes orchestration
• HashiCorp Vault secret management
• Real-time telemetry and metrics systems
• Pipeline performance optimization
• Incident response planning
• Cross-functional collaboration
• Technical documentation
• Security vulnerability gating
• Cloud infrastructure provisioning

Benefits

• Comprehensive health, dental, and vision insurance plans
• 401(k) retirement savings plan with company match
• Flexible time off including unlimited PTO for salaried employees
• Professional development stipend and learning opportunities
• Hybrid work model with collaborative in-office experiences
• Wellness programs including mental health support
• Stock purchase plan and employee stock purchase program
• Parental leave and family-friendly benefits
• Volunteer time off to support communities

DocuSign is an Equal Opportunity Employer.