Sr. Technical Program Manager, Product Security

Company Overview

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people’s lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign’s Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM).

What you'll do

As a Senior Security Technical Program Manager in Platform Security you will shape and execute the long-term strategy for building security into our products. You’ll spearhead the shift-left movement, ensuring secure development practices are embedded early and consistently across all teams. You will lead organizational change by building scalable programs such as Security Champions, driving adoption of secure-by-design principles, and aligning security priorities with business goals. In this role, you’ll act as a trusted partner to executives, influencing roadmaps and investment decisions, while enabling engineering teams to move fast without compromising security.

This position is an individual contributor role reporting to Sr. Manager, Technical Program Management.

Responsibility

Own and scale product security initiatives that span across engineering organizations, balancing risk reduction with innovation

Drive adoption of secure coding, automated security tooling, and early threat modeling across the SDLC

Partner with senior engineering and product leaders to embed security into decision-making, roadmaps, and design principles

Establish and expand a global network of security champions, empowering engineers to own and advocate for security

Translate technical risk into business impact, providing clear updates, trade-off discussions, and recommendations to executives

Lead organizational change by fostering a developer-first security culture that scales across teams and geographies

Ensure products meet internal security standards, industry frameworks, and regulatory requirements

Define measurable success criteria (e.g., secure coding adoption rates, vulnerability SLAs) and report outcomes to leadership

Ensure coordinated response and remediation for vulnerabilities, leveraging learnings to continuously strengthen processes

Improve security processes, tools, and automation to scale security across the organization

What you bring

Basic

Minimum of 8 years related experience with a Bachelor’s degree or 6 years related experience with a Master’s degree

Bachelors or Masters degree in Technology or Computer Science or Cybersecurity

Experience with product security practices (secure SDLC, threat modeling, vulnerability management, cloud / application security)

Experience with security frameworks and standards (e.g., OWASP, NIST, ISO 27001)

Experience leading large, cross-functional security or engineering programs

Experience with threat modeling, risk management, and vulnerability management

Preferred

Excellent executive communication and stakeholder management skills

Experience with cloud security (AWS, Azure, GCP)

Strong skills in program planning, prioritization, and driving accountability across teams

Relevant certifications (e.g., CISSP, CISM)

Hands-on experience enabling shift-left security practices in product development

Proven ability to build and scale Security Champions or developer enablement programs

Familiarity with regulatory and compliance frameworks (SOC 2, ISO 27001, GDPR FedRAMP, etc.)

Experience working with product and engineering teams in an Agile environment

Familiarity with DevSecOps practices and security automation

Experience with security automation tools integrated into CI / CD pipelines

Track record of leading cultural change to foster security-first engineering practices

Equal Opportunity Employer

Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, or any other legally protected category.

#J-18808-Ljbffr