Sr. Security GRC Product Manager

Job Description

Company OverviewDocusign brings agreements to life. Over 5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people’s lives.

With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign’s Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM). What you’ll doDocusign is hiring a Senior Security GRC Product Manager to own the strategy, roadmap, and delivery of governance, risk, and compliance (GRC) platforms and capabilities.

You will partner with engineering, security, compliance, and business stakeholders to design and scale automation-first solutions that simplify and modernize risk and compliance processes across the enterprise. This is a senior individual contributor role requiring strategic vision, product management expertise, and deep understanding of security and compliance frameworks.

You will own the full product lifecycle—from gathering requirements and prioritizing features to driving adoption and delivering measurable outcomes. This position is an individual contributor role reporting to the Senior Director of Security Governance, Risk Management and Compliance. ResponsibilityDefine and execute the product strategy and roadmap for GRC platforms (e.

g. , ServiceNow IRM, OneTrust, Archer, LogicGate, or custom tools)Partner with Security, Engineering, Compliance, and business teams to translate regulatory, audit, and business requirements into scalable workflows and automationCollaborate with GRC Engineering to deliver integrations, dashboards, and reporting that provide real-time visibility into risk, compliance and control postureAct as product owner in agile ceremonies: prioritize backlogs, define user stories, and ensure delivery against roadmap commitmentsDrive the design and continuous improvement of workflows for risk assessments, control testing, policy exceptions, issues management, and evidence collectionDrive adoption and continuous improvement of GRC tools by engaging with users across engineering, business, and compliance teamsEnsure GRC platforms are integrated with cloud, SaaS, and enterprise systems to support automated evidence and monitoringDeliver dashboards, KPIs, and reporting logic that provide executives with actionable insightsEngage stakeholders across security, engineering, and business functions to drive adoption, usage, and measurable business impactJob DesignationHybrid:Employee divides their time between in-office and remote work. Access to an office location is required.

(Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation) Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign.

Docusign reserves the right to change a position’s job designation depending on business needs and as permitted by local law. What you bringBasic8+ years of experience in product management, security GRC, or related domainsBachelor’s degree in Information Security, Risk Management, Computer Science, or related fieldExperience with security, risk, compliance, and control frameworks (ISO 27001, SOC 2, NIST CSF, FedRAMP, GDPR, DORA, HIPAA)Experience with GRC platforms such as ServiceNow IRM, Archer, OneTrust, or LogicGateProven ability to translate regulatory and security requirements into business and technical specificationsExperience delivering automation-enabled workflows for GRC use casesPreferredExcellent stakeholder management skills, with the ability to influence across engineering, compliance, and executive teamsCertifications such as CISM, CRISC, CISSP, CTPRP, or PMPExperience building dashboards and reporting with tools like Tableau, Power BI, or LookerTrack record of scaling enterprise-wide GRC programs with automation and integrationsStrong communication and executive presence, with experience briefing senior leadershipWage TransparencyPay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience. Based on applicable legislation, the below details pay ranges in the following locations: California: $140,000.

00 – $225,0700 base salary Illinois, Colorado, Massachusetts and Minnesota: $133,800. 00 – $189,000.

00 base salary

EWJD3