Risk Analyst

Docusign, Inc. Seattle , WA 98113

Posted 3 months ago

Security Risk Analyst
IT, InfoSec, Cyber Risk & Business Operations | Seattle, Washington
Our agreement with employees
DocuSign is committed to building trust and making the world more agree-able for our employees, customers and the communities in which we live and work. You can count on us to listen, be honest, and try our best to do whats right, every day.
At DocuSign, everything is equal. We each have a responsibility to ensure every team member has an equal opportunity to succeed, to be heard, to exchange ideas openly, to build lasting relationships, and to do the work of their life. Best of all, you will be able to feel deep pride in the work you do, because your contribution helps us make the world better than we found it.
And for that, youll be loved by us, our customers, and the world in which we live.
The team
Our IT, InfoSec, Cyber Risk & Business Ops team - is in the business of trust and reliability. We create, maintain and operate scalable technology and data solutions that deliver an exceptional experience for our internal & external customers. We embrace Agile principles and values, favor DevOps practices, and view infrastructure as code, all while we create an infrastructure that scales and supports our growth and ambitious vision.
This requires a smart, highly collaborative team who can identify, investigate, and implement new technologies to continue securely scaling our global business.
This position
Our Information Security Team is seeking a passionate, customer focused, and eager security professional to join our team. This is a unique opportunity to work and own everything security of a best-in-class, cloud-based platform on which DocuSign, customer, and partner applications run. In this dynamic and fast paced role, as Security Risk Analyst you will be responsible for driving risk treatment across all business lines of the company.
Your background in numerous information security and cyber security domains will allow you to contribute to helping the business manage its risks. Your experience in the risk space will enable you to build and foster relationships and to teach others how to manage risk. Your demonstrated ability to communicate complex security topics to technical, business, and executive audiences will shape how we protect DocuSign's employees, customers, and brand in the face cyber threats.
You will also have a secondary responsibility to assess designs, architectures, and processes. This is a fantastic opportunity to join a team who live and breathe information security and to work for a company with security in its DNA.
This position reports to the Senior Director of Information Security.
Responsibilities
Act as Information Security Risk leader, consultant and advisor to all DocuSign business lines.
Communicate Information Security Risk through documentation, conversation, and presentations with an objective of driving awareness and informed decision making.
Evangelize and mentor internal audiences on information security principles and risk management.
Build, enhance, and document processes to facilitate more efficient engagement with, utilization of, and incorporation into existing Information Security programs and capabilities.
Assist in presenting various aspects of the information security risk management program to customers, prospects, auditors, and internal teams.
Perform or assist with threat models, risk assessments, security reviews, vulnerability management, compliance audits, and/or control frameworks.
Assess technical designs, project plans, and proposed initiatives against our security principles; and work to ensure they are addressed with minimal business impact, and that risk is identified and documented.
Develop and document information security standards, guidelines, and tools that enable business and systems owners to apply good security in their environments.
Help maintain, manage, and constantly improve DocuSigns Risk Management process.

Basic Qualifications
5+ years of industry experience of Audit, Compliance, Regulatory or Risk and driving technology risk management processes, methodologies and tools.
3+ years of experience in technical program management, project management, or similar business experience.
2+ years of IT industry experience at enterprise scale.
Bachelors degree in Management Information Systems, Computer Science or related field.
Security Engineering background or experience.
Experience with global technology implementation efforts and rollouts in large organizations.
Preferred Qualifications
Demonstrate knowledge of risk management methods, standards, processes, governance models, and industry standard risk analysis approach.
Have planned and maintained multiple parallel projects, and open to new ideas.
Excellent written and verbal communication skills.
Handles multiple competing priorities in a fast-paced, deadline-driven environment.
Demonstrated ability to deal with ambiguity in a rapidly changing business environment.
Ability to exercise sound judgement, problem solve, and make decisions in complex situations
Skilled in business risk analysis and making technical trade-offs between short versus long-term security and business goals.
Proven ability to take ownership, self-motivate, and deliver results in highly ambiguous environments.
CISSP, CISM, CISA or similar professional certification.
About us
DocuSign helps organizations connect and automate how they prepare, sign, act on, and manage agreements. As part of the DocuSign Agreement Cloud, DocuSign offers eSignature: the world's #1 way to sign electronically on practically any device, from almost anywhere, at any time.
Today, hundreds of thousands of customers and hundreds of millions of users in over 180 countries use DocuSign to accelerate the process of doing business and simplify people's lives. Plus, we save more trees together! And thats a good thing.
DocuSign is an Equal Opportunity Employer.
DocuSign is committed to building a diverse team of talented individuals who bring different perspectives to the business and who feel a sense of inclusion and belonging when they join our team. Individuals seeking employment at DocuSign are considered without regards to race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, citizenship status, or any other legally protected category.
#LI-DS1


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Risk Analyst

Amazon.Com, Inc.

Posted 2 months ago

VIEW JOBS 12/17/2019 12:00:00 AM 2020-03-16T00:00 Amazon Customer Service (CS) is one of the largest customer service organizations in the world with a strong culture, going back to the earliest days of Amazon. Our business operations include tens of thousands of Customer Service Associates around the globe who provide world-class support to customers 24 hours a day, 7 days a week, and in over 15 languages (and growing). We focus on learning, sharing, innovating, having fun at work, and are customer-focused, with a direct line of engagement with our users. The Governance, Risk and Compliance (GRC) team has a new program focused on developing, operationalizing and managing a range of new and existing security initiatives with a significant positive impact. Our work is meaningful and directly impacts Amazon's bottom line. The goal of GRC's security assurance team is to provide proactive risk management to enhance the CS security posture. We are looking for a highly motivated Risk Analyst, with a strong passion for ownership and accountability. They will influence and shape the face of customer service security by helping a range of stakeholders, teams, partners and services understand their risk and implement mitigating controls. This role is critical in supporting the fundamental elements of our mission, earning and maintaining customer trust, and rigorously safeguarding customer data. A successful candidate will be able to leverage deep knowledge of information security, privacy and technology risk domains to continuously identify, track and measure risk, to tighten all aspects of security for the world's most customer-centric company. Key responsibilities: * Contribute to security-related initiatives including information security and technology risk assessments, third-party security management, security risk and issue management, security risk metrics, reporting, and compliance as well as various other programs. * Collaborate with cross functional teams including Information Security, Customer Engagement Technology (CET), CS Operations, Legal, Internal Audit and Global Outsourcing (GO) partners to, evaluate complex business and technology risk, internal controls which mitigate risks and related opportunities for internal control improvement * Work to ensure risk processes are embedded within day-to-day operations to drive alignment controls across platforms and business verticals * Assist CS technology and business stakeholders in informed decision making by providing transparency into risk exposures and recommending mitigation strategies that align with business goals and overall objectives to protect the confidentiality, integrity, and availability of information systems and data * Supporting the risk management program in identification, assessment and mitigation initiatives to raise the security bar and achieve security compliance obligations * Continually grow, utilize and improve team processes, structure and interactions for a successful risk management program * Dive deep into known issues and partner to identify/validate root causes and solutions * Maintain and enforce terminology, reporting requirements, and automation to ensure consistent analysis * Drive effective teamwork, communication, collaboration and commitment across multiple groups Amazon.Com, Inc. Seattle WA

Risk Analyst

Docusign, Inc.