Jobs · Information Technology · California

Senior Security Risk Manager

Docusign · San Francisco, CA · Yesterday
HybridInformation Technology$146k–$235k/yrFull-time

About the role

Docusign is seeking a Senior Security Risk Manager to lead and manage modern, data-driven security risk assessments. This role plays a pivotal role in advancing the maturity of our Security Risk Management program.

Responsibilities

  • Lead end-to-end security risk assessments of applications, systems, and cloud and software environments, across all security domains leveraging advanced risk scoring models such as risk quantification.
  • Identify, assess, monitor, and report on security risks across the enterprise and within specific domains (e.g., Vulnerability Management, Third Party Risk, Product Security, Detection and Response, etc.).
  • Review holistic Risk, Control, and Issue data to culminate recommendations on top security investments across the enterprise.
  • Analyze risk data to identify trends, root causes, and control gaps, and recommend changes to strengthen controls.
  • Partner with Engineering, Security, and business teams to embed risk insights into planning, prioritization, and decision-making.
  • Develop and maintain risk dashboards and metrics that provide leadership with actionable insights into risk exposure and trends within their portfolio.
  • Maintain and evolve the security control framework, ensuring risks are effectively mapped to controls, and are relevant to the business.
  • Leverage modern GRC platforms and automation (e.g., ServiceNow IRM, OneTrust) to scale risk management processes.
  • Serve as a trusted advisor to leadership on security risk posture and decisions.
  • Stay ahead of emerging risks and industry trends to continuously improve risk practices.

Requirements

  • Basic 8+ years of experience in security risk management, GRC, or related fields.
  • Bachelor's degree in Computer Science, Information Security, or related field.
  • Experience with cyber threats and vulnerabilities, with hands-on expertise in one or more security domains (e.g., vulnerability management, insider risk, incident response, identity and access management, application, infrastructure, cloud, product, platform, data and AI security).
  • Experience with cloud environments (AWS, Azure, GCP) and SaaS platforms.
  • Experience with risk management frameworks, risk quantification models (e.g., FAIR) or building custom risk scoring approaches.
  • Experience with security risk assessments, controls, and threat analysis.
  • Experience with GRC platforms and automation tools, preferably ServiceNow IRM.
  • One or more certifications: CISSP, CRISC, CISM.

Preferred Experience

  • Experience as a security risk SME or security architect.
  • Familiarity with cloud and SaaS environments (AWS, Azure, GCP).
  • Experience managing or mentoring junior GRC professionals.
  • Experience building risk dashboards and metrics (e.g., Tableau, Power BI).
  • Excellent communication and stakeholder management skills.

Qualifications

  • Basic 8+ years of experience in security risk management, GRC, or related fields.
  • Bachelor's degree in Computer Science, Information Security, or related field.
  • Experience with cyber threats and vulnerabilities, with hands-on expertise in one or more security domains (e.g., vulnerability management, insider risk, incident response, identity and access management, application, infrastructure, cloud, product, platform, data and AI security).
  • Experience with cloud environments (AWS, Azure, GCP) and SaaS platforms.
  • Experience with risk management frameworks, risk quantification models (e.g., FAIR) or building custom risk scoring approaches.
  • Experience with security risk assessments, controls, and threat analysis.
  • Experience with GRC platforms and automation tools, preferably ServiceNow IRM.
  • One or more certifications: CISSP, CRISC, CISM.
  • Experience as a security risk SME or security architect.
  • Familiarity with cloud and SaaS environments (AWS, Azure, GCP).
  • Experience managing or mentoring junior GRC professionals.
  • Experience building risk dashboards and metrics (e.g., Tableau, Power BI).
  • Excellent communication and stakeholder management skills.

Skills

  • Advanced risk scoring models.
  • Data-driven security risk assessments.
  • Cloud environments (AWS, Azure, GCP).
  • Risk quantification models (FAIR).
  • GRC platforms and automation tools (ServiceNow IRM).
  • Security risk assessments, controls, and threat analysis.
  • Building custom risk scoring approaches.
  • Security risk management frameworks.
  • Stakeholder management skills.

Benefits

  • Paid Time Off.
  • Paid Parental Leave.
  • Full Health Benefits Plans.
  • Retirement Plans.
  • Learning and Development.
  • Compassionate Care Leave.

Pay

Based on a number of factors including geographic location, the pay range for this position is $146,400.00 - $235,375.00 base salary. This Role Is Also Eligible For The Following Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance.

Schedule

Job Designation: Hybrid. Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation)

Benefits

  • Paid Time Off.
  • Paid Parental Leave.
  • Full Health Benefits Plans.
  • Retirement Plans.
  • Learning and Development.
  • Compassionate Care Leave.

Similar jobs

Senior Security Manager

Stream Data CentersGoodyear, AZ· 6 days ago
Management$90k–$105k/yrapply on apply.workable.com

Senior Security Manager

AstrionEglin Air Force Base, FL· 6 days ago
Information Technologyapply on careers.astrion.us

Senior Security Manager

JE Dunn ConstructionKansas City, MO· 2 wk ago
Information Technologyapply on jobs.jedunn.com

Senior Security Manager

Systems Planning & AnalysisAlexandria, VA· 1 wk ago
Management$92k/yrapply on careers-spa.icims.com

Senior Security Manager

Giga EnergyGreater Houston· 6 days ago
Information Technologyapply on job-boards.greenhouse.io