Company Overview Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people’s lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign’s Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM). What you'll do Docusign is looking for a highly qualified, hands-on Salesforce Senior DevSecOps Engineer to spearhead the security and automation of our SaaS IT application delivery. In this role, you will be the bridge between development, security, and operations, ensuring that our deployment pipelines are not only lightning-fast but also inherently secure. The ideal candidate is a Python expert who views Security as Code and has extensive experience automated pipeline and deployment. This position is an individual contributor role reporting to the Director, IT - Application Productivity Engineering. Responsibility Lead Salesforce deployment initiatives with a strong focus on automation, reliability, repeatability, and security across environments Automate Salesforce environment refresh tasks to reduce manual effort, improve consistency, and accelerate release cycles Design and implement Scratch Org setups to enable isolated development, testing, and efficient CI workflows Build and maint enterprise-grade CI/CD pipelines using GitHub Actions, emphasizing reusable workflows and composite actions for scale and standardization Integrate security directly into pipelines by implementing GitHub Advanced Security (GHAS), including CodeQL code scanning, secret scanning, and dependency reviews using Dependabot Develop custom Python-based tooling to automate compliance checks, validate deployments, and assist with vulnerability detection and remediation Serve as a DevSecOps subject matter expert, mentoring development teams on secure coding best practices and helping them understand and remediate security findings early in the SDLC Job Designation Hybrid: Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation) Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position's job designation depending on business needs and as permitted by local law. What you bring Basic 8+ years of revelant experience Experience with Salesforce architecture, deployments, and environment management, including Scratch Orgs, sandbox strategies, automated refreshes, and CI/CD-driven release processes Experience securing and managing AWS services including EKS/ECS, Lambda, S3, RDS, with profound technical expertise in IAM policy design and enforcement Experience with GitHub Actions and GitHub Enterprise, architecting reusable and scalable workflows to support complex, enterprise-grade SaaS deployments Experience developing clean, production-ready Python for infrastructure automation, API integrations, compliance checks, and security tool orchestration Experience configuring and operationalizing CodeQL, managing secret scanning alerts, dependency reviews, and implementing custom security policies across repositories Expereince with Docker and Kubernetes security, including image hardening, vulnerability scanning, and runtime security policy enforcement Preferred Proven track record of migrating legacy DevOps pipelines to a modern DevSecOps model Wage Transparency Pay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience. Based on applicable legislation, the below details pay ranges in the following locations: California: $140,000.00 - $225,075.00 base salary This role is also eligible for the following: Bonus: Sales personnel are eligible for variable incentive pay dependent on their achievement of pre-established sales goals. Non-Sales roles are eligible for a company bonus plan, which is calculated as a percentage of eligible wages and dependent on company performance. Stock: This role is eligible to receive Restricted Stock Units (RSUs). Global benefits provide options for the following: Paid Time Off: earned time off, as well as paid company holidays based on region Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement Full Health Benefits Plans: options for 100% employer paid and minimum