Company Overview Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people’s lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign’s Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM). What you'll do As a Cloud & Infrastructure Security Engineer, you will enable new business opportunities by establishing and enforcing cloud security controls, managing vulnerabilities, ensuring secure configuration, and leading initiatives to continuously strengthen the security posture of Docusign deployments to new environments. You’ll design and implement solutions that proactively protect our cloud infrastructure, enabling the business to innovate with confidence. Your expertise will drive secure-by-default practices and deliver impactful security outcomes that support our platform’s ongoing growth This position is an individual contributor reporting to the Sr. Manager, Cloud & Infrastructure Vulnerability Management. Responsibility Design and implement scalable security controls and systems to protect cloud infrastructure across a global environment Design and implement the optimization of enterprise endpoint security tools (e.g., EDR, antivirus, device control) Discover and manage security vulnerabilities and work with teams for remediation Lead initiatives to establish, enforce, and continuously improve cloud security baselines and guardrails Collaborate with engineering, product, and operations teams to embed security into infrastructure, platforms, and development workflows Develop and maintain automation, policy-as-code, and infrastructure-as-code solutions to streamline security operations and compliance Integrate security checks and guardrails into CI/CD pipelines, enabling secure development practices and early detection of risks Respond to cloud security incidents, conduct post-mortems, and drive remediation and platform hardening based on lessons learned Harden cloud resources, images, and registries, and deliver reusable modules and templates for secure-by-default deployments Monitor and reduce configuration drift, verify remediation effectiveness, and manage exceptions with clear criteria and review processes Operate and optimize third-party cloud security platforms, ensuring reliability and alignment with service level objectives Author clear documentation, runbooks, and self-service resources to empower product and platform teams in secure cloud adoption Report on key security metrics, such as coverage, drift, and incident response effectiveness, to drive transparency and continuous improvement Job Designation Hybrid: Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation) Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position's job designation depending on business needs and as permitted by local law. What you bring Basic 5+ years of experience in cloud security engineering or related field The individual must be a U.S. Citizen, U.S. National or U.S. Person. Individuals outside of these categories are generally barred from having logical access to IL5 data or infrastructure Bachelor’s degree in Computer Science, Engineering, or related discipline Expereince in one or more security domains, such as endpoint security, configuration compliance, SIEM/SOAR, or ITSM integrations Experience deploying, configuring, and using cloud and endpoint security tools like Microsoft Defender Experience with service desk tools like ServiceNow Experience in at least one programming language (Python, Go, or TypeScript) Experience with policy-as-code and infrastructure-as-code tools (OPA, Sentinel, Conftest, Terraform, CloudFormation, or CDK) Experience integrating security controls into CI/CD pipelines Experience with multi-cloud environments Experience with Kubernetes and container security Experience with incident response and root cause analysis in cloud environments Experience with monitoring, alerting, and defining service level objectives Experience authoring technical documentation, modules, and runbooks Experience with cloud security posture management (CSPM/KSPM) tools Experience hardening images, registries, and implementing workload/runtime controls Experience collaborating with engineering,