Docusign is a leading company that provides intelligent agreement management solutions, helping over 1.5 million customers streamline their business processes. They are looking for a Lead Security Engineer to spearhead offensive security testing initiatives, including penetration tests and red team exercises, while mentoring team members and collaborating with various stakeholders to enhance product security.
Responsibilities:
- Provide clear technical guidance and direction to the team
- Mentor team members, imparting advanced offensive security skills and knowledge
- Oversee the planning and execution of offensive security projects
- Identify and direct areas for security investigation in coordination with the director and other leads
- Serve as a key subject matter expert and point of contact for stakeholders, assisting with vulnerability impact analysis and defining remediation strategies
- Work closely with the Product Security Incident Response Team (PSIRT) and engineering teams to analyze and drive the resolution of product security issues
- Maintain professional and responsive communication with all stakeholders throughout the security evaluation lifecycle
- Communicate key threats to the business to relevant stakeholders
- Collaborate effectively with cross-functional groups, including Threat Intelligence and PSIRT, to continuously strengthen the overall product security posture
Requirements:
- 12+ years of experience (8+ with a Master's degree) in security research, red teaming, or penetration testing, including web application security
- Experience in exploit development
- Experience with cybersecurity principles, incident response lifecycles, and security best practices
- Experience with CVSS (Common Vulnerability Scoring System) for rating vulnerabilities, MITRE ATT&CK for adversary tactics and techniques, and CWE (Common Weakness Enumeration) for identifying and categorizing software weaknesses
- Experience leading a team effectively and communicating offensive security findings to leadership
- Strong analytical and problem-solving skills, with a keen eye for detail
- Excellent written and verbal communication skills, with the ability to explain technical concepts clearly
- Bachelor's degree in Computer Science, Information Security, or a related field
- Industry certifications such as OSCP, GXPN, OSEP, OSWA, OSWE, OSDA
- Experience with cloud, container, or network security testing
- Experience with AI security testing