Compliance Manager

Docusign, Inc. San Francisco, CA 94118

Posted 3 weeks ago

IT, InfoSec, Cyber Risk & Business Operations | San Francisco, California

Our agreement with employees

DocuSign is committed to building trust and making the world more agree-able for our employees, customers and the communities in which we live and work. You can count on us to listen, be honest, and try our best to do what's right, every day. At DocuSign, everything is equal. We each have a responsibility to ensure every team member has an equal opportunity to succeed, to be heard, to exchange ideas openly, to build lasting relationships, and to do the work of their life. Best of all, you will be able to feel deep pride in the work you do, because your contribution helps us make the world better than we found it. And for that, you'll be loved by us, our customers, and the world in which we live.

The team

Our IT, InfoSec, Cyber Risk & Business Ops team is in the business of trust and reliability. We create, maintain and operate scalable technology and data solutions that strive to deliver an exceptional experience for our internal & external customers. We embrace agile principles and values, favor DevOps practices, and view infrastructure as code, all while creating an infrastructure that scales and supports our growth and ambitious vision. This requires a smart, highly collaborative team who can identify, investigate, and implement new technologies in the cloud and continue securely scaling our global business.

This position

The Compliance Manager is part of a team responsible for advocating, monitoring, and enforcing compliance through controls, policies, standards, and procedures. In this role, you will be working with senior leaders within Sales, Customer Success, Legal, Operations, and Engineering teams to achieve and maintain DocuSign's compliance with various programs.

This role will be responsible for driving our current compliance efforts, updating existing controls, managing third-party auditors, and maintaining our compliance certifications. This role also interfaces with customers, prospects, and partners by attending meetings with our Sales teams and assisting our Compliance Trust Services team in addressing technical and compliance topics from requests for proposals or security questionnaires. Lastly, periodic travel is required, as is after-hours duty on an as-needed basis.

Along with the above responsibilities, this role requires direct experience in the management of ISO (27001, 27017, 27018 and 27701), PCI, FedRAMP and DoD programs.

This position is an Individual Contributor and reports to the Director of Compliance.

Responsibilities

  • Develop technical knowledge of DocuSign solutions and the operational processes in place to support the ISO, PCI, FedRAMP and DoD programs

  • Delve into the DocuSign environment and develop a deep understanding of control implementations

  • Review and provide input on technical plans for product architecture, product enhancements and operational improvements to support the business from a compliance perspective

  • Partner with Sales to communicate the DocuSign compliance posture with customers and prospects

  • Guide control owners in documenting control activities and confirm readiness of controls for audit

  • Liaise with auditors and coordinate audit engagements with control owners throughout the organization

  • Create and maintain documentation related to controls, policies, standards, and procedures

  • Manage audits from third-party assessment organizations or customer auditors

  • Stay informed on changes to the ISO, PCI, FedRAMP and DoD programs and assess impacts to existing control environment

  • Prepare documentation and training materials to support the education of compliance requirements throughout the organization

  • Additional responsibilities and tasks as required and assigned

Basic Qualifications

  • Bachelor's degree or higher in a relevant field or related work experience

  • Minimum of 8 years of related experience with a Bachelor's

Preferred Qualifications

  • Background in internal or external audit engagements

  • Experience with cloud service providers

  • Solid knowledge of SaaS and security concepts

  • Interest and desire to obtain CISSP, CISA, or other globally-recognized security, compliance, or audit certifications

  • Awareness of people versus technology as security factors

  • Experience in project or program management

  • Passion for information security, governance, risk, and compliance

  • Good analytical and communication skills

  • Self-sufficient to manage and prioritize workload

  • Ability to maintain composure in critical situations

  • Focus on customer satisfaction to win our customers' continued business and loyalty

  • Strong attention to detail

  • Ability to travel as needed

About us

DocuSign helps organizations connect and automate how they prepare, sign, act on, and manage agreements. As part of the DocuSign Agreement Cloud, DocuSign offers eSignature: the world's #1 way to sign electronically on practically any device, from almost anywhere, at any time. Today, hundreds of thousands of customers and hundreds of millions of users in over 180 countries use DocuSign to accelerate the process of doing business and simplify people's lives. Plus, we save more trees together! And that's a good thing.

DocuSign is an Equal Opportunity Employer. DocuSign is committed to building a diverse team of talented individuals who bring different perspectives to the business and who feel a sense of inclusion and belonging when they join our team. Individuals seeking employment at DocuSign are considered without regard to race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status, or any other legally protected category.
