Principal Security Engineer

IT, InfoSec, Cyber Risk & Business Operations - San Francisco, California

Our agreement with employees

DocuSign is committed to building trust and making the world more agreeable for our employees, customers and the communities in which we live and work. You can count on us to listen, be honest, and try our best to do what’s right, every day. At DocuSign,everything is equal. We each have a responsibility to ensure every team member has an equal opportunity to succeed, to be heard, to exchange ideas openly, to build lasting relationships, and to do the work of their life. Best of all, you will be able to feel deep pride in the work you do, because your contribution helps us make the world better than we found it. And for that, you’ll be loved by us, our customers, and the world in which we live.

The Team

Our IT, InfoSec, Cyber Risk & Business Ops team is in the business of trust and reliability. We create, maintain and operate scalable technology and data solutions that deliver an exceptional experience for our internal & external customers. We embrace Agile principles and values, favor DevOps practices, and view infrastructure as code, all while we create an infrastructure that scales and supports our growth and ambitious vision. This requires a smart, highly collaborative team who can identify, investigate, and implement new technologies to continue securely scaling our global business.

This Position

Our Information Security Team is looking for a Principal Security Engineer to protect DocuSign critical infrastructure and services. This is a technical and leadership role and successful candidates will bring expert level communications in software engineering and architecture processes and complete background in application security foundations.

This position reports to the Senior Leader of our Security Engineering Team.


Leading software research and development teams, complex software system solutions analysis and consulting, requirements definition and refinement, software design and architecture validation, and hands-on prototyping. You will work closely with other engineers to develop and introduce the latest software, cyber, enterprise, and mobile technologies into the enterprise. It is expected that you will collaborate across a number of cross-functional engineering and development groups in formulating secure solutions to complex problems.

You will support the research, development, and acquisition of complex cyber systems through the application of the latest software engineering concepts emerging from research and industry. Key technical areas may include the following:

  • The capability to be thrown into new situations, and learn new data formats, programming languages, tools or technical challenges.
  • Requirements analysis, definition, and refinement
  • Reverse engineering
  • Secure and assured systems engineering
  • Malware analysis
  • Hands on software engineering and development
  • Mobile computing platform application development
  • Application of Information Security Principals
  • Blue and Red team formation and execution
  • Penetration testing and system attack
  • Assessment of security risk
  • Software innovation and technology insertion
  • Big data and analytics, including application of Map Reduce programming model
  • and analytics technologies such as Hadoop, Hive and Pig
  • Use of database technologies such as Oracle, MySQL, or SQL-based equivalents, as well as NoSQL-based databases such as Mongo.

Basic Qualifications:

  • Deep knowledge and experience in Security Operations Centers, Incident Response, Architecture/systems engineering.
  • Demonstrable knowledge of Information Security attacks and analytical mindset to detect cyber adversary tactics, techniques or procedures.
  • Minimum of a BA or BS degree in Computer Science or engineering, with a MS preferred or 15 years of combined experience in Information Security, Software Development or Technical Architecture Design.
  • Strong fundamental knowledge of computer science, especially algorithms and data structures germane to the development of high-quality, efficient software.
  • Experience in Linux and networking is required.
  • Experienced in designing a comprehensive security architecture and delivering.
  • Desire to help mentor security teams.

Preferred Qualifications:

  • Strong written and verbal communication skills.
  • Dynamic consulting skills and broad exposure to IT security technologies.
  • A good foundation in crafting and leading the deployment of security architectures that demonstrate diversity of security tools and infrastructure.
  • Driven, team focused individual who can work multi-functionally with peers, and internal teams to achieve successful outcomes.
  • Possess a level of technical curiosity, with desire to learn new technologies within the areas of security and business risk management.

About Us

DocuSign® helps organizations connect and automate how they prepare, sign, act on, and manage agreements. As part of the DocuSign Agreement Cloud, DocuSign offers eSignature: the world's #1 way to sign electronically on practically any device, from almost anywhere, at any time. Today, hundreds of thousands of customers and hundreds of millions of users in over 180 countries use DocuSign to accelerate the process of doing business and simplify people's lives. Plus, we save more trees together! And that’s a good thing.

DocuSign is committed to building a diverse team of talented individuals who bring different perspectives to the business and who feel a sense of inclusion and belonging when they join our team. Individuals seeking employment at DocuSign are considered without regards to race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status, or any other legally protected category.


MongoDB, DevOps, MySQL, Oracle, SQL, and IT, InfoSec, Cyber Risk & Business Operations

13 days ago - source