Director, Security Product Risk Management

Company Overview

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people’s lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign’s Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM).

What you'll do

The Director, Security Product Risk Management is a strategic and product-focused leader responsible for building and leading a modern, automation-driven, data-informed security risk program that enables the organization to manage risk effectively and at scale. You will lead the design, delivery, and evolution of the security risk management program, ensuring risks are identified, quantified, prioritized, and communicated in business-relevant terms.

As the security product owner for Risk, this role is also responsible for setting the vision, roadmap, and priorities for risk analytics, risk automation (data collection and analysis for risk assessments), and continuous monitoring. You’ll partner with engineering, product, GRC engineering, cyber defense, compliance, procurement, and business stakeholders to embed risk awareness, automation, and data-driven insights into systems, processes, and their decision-making.

This is a people manager role reporting to the Senior Director of Security Governance, Risk Management and Compliance (GRC).

Responsibility

• Lead and mentor a team of risk managers, risk product managers, and risk analysts
• Build a high-performing, product-driven team focused on measurable outcomes and continuous improvement
• Define, deliver, and continuously evolve security risk management enterprise-wide
• Establish frameworks and processes for risk identification, assessment, prioritization, and reporting
• Drive adoption of quantitative risk methodologies (e.g., FAIR) and data-driven decision-making
• Lead security risk reviews across products, services, and infrastructure to enable faster, risk-informed choices
• Define KPIs, KRIs, and executive-level reporting to measure control effectiveness and risk posture
• Drive user adoption and operational efficiency through automation-first workflows across risk intake and reporting
• Act as the bridge between technical risks and business priorities, ensuring stakeholders have actionable insights
• Leverage predictive analytics and automation to prioritize risks based on potential business impact
• Deliver executive-ready reporting to senior security leadership and cross-functional stakeholders
• Partner closely with engineering to build real-time dashboards and centralized risk data pipelines, and to deliver risk automation capabilities and technical integrations
• Expand third party risk scope to include strategic partners, alliances, joint-service providers and developer ecosystem
• Oversee technical integration reviews for SaaS, APIs, infrastructure connectivity, and data flows
• Build and maintain a fourth-party dependency framework to manage cascading risks
• Use attack surface monitoring, supply chain security platforms, and threat intelligence feeds to continuously track ecosystem exposure
• Partner with engineering, product, cyber defense, compliance, procurement, and legal teams to integrate risk management into business processes
• Collaborate with customer-facing security teams to support security assurance activities where required.

What you bring

Basic

Preferred

Wage Transparency

Pay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience.

Based on applicable legislation, the below details pay ranges in the following locations :

California : $202,800.00 - $327,625.00 base salary

Illinois, Colorado, Massachusetts and Minnesota : $193,100.00 - $272,750.00 base salary

Washington, Maryland, New Jersey and New York (including NYC metro area) : $193,100.00 - $286,500.00 base salary

This role is also eligible for the following :

Global benefits provide options for the following :

Life at Docusign

Docusign is committed to building trust and making the world more agreeable for our employees, customers and the communities in which we live and work. You can count on us to listen, be honest, and try our best to do what’s right, every day. At Docusign, everything is equal.

We each have a responsibility to ensure every team member has an equal opportunity to succeed, to be heard, to exchange ideas openly, to build lasting relationships, and to do the work of their life. Best of all, you will be able to feel deep pride in the work you do, because your contribution helps us make the world better than we found it. And for that, you’ll be loved by us, our customers, and the world in which we live.

Docusign is committed to providing reasonable accommodations for qualified individuals with disabilities in our job application procedures. If you need such an accommodation, or a religious accommodation, during the application process, please contact us at accommodations@docusign.com.

Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, or any other legally protected category.

#J-18808-Ljbffr