Security Compliance Manager

Company Overview

What you'll do

• Conduct security compliance audits and assessments independently end-to-end while adhering to strict deadlines and maintaining executive level metrics and reporting
• Conduct security control test of design and test of operating effectiveness activities
• Be the subject matter expert to lead compliance discussions, awareness, internal and external audit interviews
• Work with Product and Engineering, Business, and Technology teams to define and maintain an effective suite of controls adapting to changes in products, business processes and technology solutions
• Manage audit deliverables, identify and analyze process gaps, provide guidance and expertise to control owners, develop remediation recommendations, and track to completion
• Develop and maintain strong relationships based on trust and transparency with control owners, auditors, and customers
• Establish governance across projects with structure on tracking and reporting
• Develop evaluation methods to measure and track compliance, risk and the effectiveness of the security compliance program
• Document and socialize the security compliance programs to provide visibility to control owners and obtain actionable commitment from relevant collaborators
• Monitor the security compliance landscape to identify which standards are relevant for the organization and translate into program actions such as performing gap analysis and remediations
• Identify automation opportunities and implement scalable solutions including technical and monitoring controls

Job Designation

What you bring

• BA/BS degree in Computer Science, Information Systems, a related field or equivalent work experience
• 5+ years of relevant work experience in Security, Compliance, Auditing, Assessments or other GRC related experience
• 2+ years of experience leading security compliance audits and/or customer audits
• Experience with the audit lifecycle including experience testing controls and writing test scripts in various environments and functions
• Experience in working with cross-functional departments and partners to provide security compliance issues, risks, and recommendations
• Industry certification such as CISSP, CISA, CISM, CRISC, ISO27001 Lead Auditor, CompTIA Security+, AWS/Azure Security, and/or equivalent GRC certification
• Experience reviewing compliance evidences required for audit
• Experience coaching and preparing technical teams and SMEs for audit interviews
• Experience engaging with internal, external, and customer auditors

• Self-starter with excellent communication, collaborative, and presentation skills
• Comfortable working in a fast-paced, dynamic environment, and handling multiple projects concurrently
• Strong understanding of common compliance and governance frameworks relevant for a fast-paced SaaS organization
• Comfortable interacting at all levels from C-suite to technical teams
• Strong business sense and leadership skills
• Excellent analytical and problem-solving skills with a quantitative approach to solving problems
• Strong sense of ownership and goal achievement mind
• Familiarity with privacy principles and the intent of privacy regulations including GDPR, CCPA, HIPAA, HITRUST, etc.
• Familiarity with cloud infrastructure (e.g., Azure, AWS) and strong technology SaaS experience

Wage Transparency

• Paid Time Off: earned time off, as well as paid company holidays based on region
• Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement
• Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment
• Retirement Plans: select retirement and pension programs with potential for employer contributions
• Learning and Development: options for coaching, online courses and education reimbursements
• Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events

Life at DocuSign

Our global benefits