Senior Manager, Threat Detection Engineering

November 21

Apply Now

Receive Emails with Similar Jobs

Docusign

WebsiteLinkedInAll Job Openings

eCommerce • Finance • SaaS

Docusign is a leading provider of electronic signature technology and Intelligent Agreement Management (IAM), enabling organizations to create, manage, and secure agreements digitally. It simplifies contract lifecycle management, automates document processes, and facilitates customer experiences by transforming agreement data into actionable insights. With a trusted platform used by millions worldwide, Docusign helps businesses reduce risk, save time, and improve efficiency in various sectors, including financial services, insurance, real estate, and government.

5001 - 10000 employees

Founded 2003

🛍️ eCommerce

💸 Finance

☁️ SaaS

📋 Description

• Recruit, mentor, and grow a team of skilled threat detection engineers, fostering a culture of excellence, innovation, and continuous learning with a strong emphasis on software development and engineering principles • Plan team strategy, resource allocation, and hiring to support Docusign's growth and evolving security needs • Develop and champion a comprehensive strategic vision and technical roadmap for threat detection capabilities across Docusign's diverse technology stack • Stay abreast of emerging threats, attacker TTPs, and industry best practices to inform detection priorities, with a focus on engineering efficiency and scalability • Take direct ownership of the security data pipeline and SIEM platform which includes overseeing the collection, ingestion, processing, and storage of security telemetry, ensuring the platform is optimized for performance, scalability, and reliability to support all threat detection needs • Work closely with infrastructure teams to maintain and uplift the underlying data infrastructure • Lead the full lifecycle of threat detection, from designing instrumentation and telemetry systems to creating, testing, deploying, and enhancing behavioral, rule-based, and machine learning detections • Leverage an engineering approach to ensure high fidelity detections • Implement and execute a fullstack software development lifecycle for the purposes of Detection-as-Code • Collaborate closely with the Incident Response team to translate threat intelligence into actionable detections, automate response workflows, and reduce mean time to detect and mean time to respond • Participate in post-incident reviews to drive continuous improvement, applying engineering rigor to the process • Drive the adoption and integration of new detection technologies, frameworks, and processes • Architect and maintain scalable, automated security discovery and containment systems leveraging SIEM/SOAR platforms, EDR, network traffic analysis tools, and cloud-native security solutions, with an engineering focus on reliability and performance • Partner effectively with engineering, product, and other security teams (e.g., Threat Intelligence, Security Engineering, Red Team) to ensure comprehensive coverage, address blind spots, and instill security monitoring best practices throughout the software development lifecycle, promoting a collaborative engineering environment • Establish and author repeatable and scalable processes around detection and automation engineering, including Detection-as-Code principles and continuous integration/continuous deployment (CI/CD) for detections • Define and track key performance indicators (KPIs) to measure the effectiveness of detection capabilities and team engineering output • Distill complex technical security concepts into clear, concise communications for both technical and non-technical stakeholders, including senior leadership

🎯 Requirements

• 8+ years of progressive experience in cybersecurity, with at least 3 years in a dedicated threat detection engineering role • 3+ years of proven experience in an engineering management role, with a track record of building, mentoring, and scaling security teams with an engineering-focused culture • Experience building detection programs at scale in large, complex, cloud-inclusive environments (e.g., AWS, Azure, GCP), applying sound engineering principles • Experience in the design, implementation, and management of security data pipelines and SIEM platforms • Experience with the cyber threat landscape, attacker tactics, techniques, and procedures (TTPs), and frameworks such as MITRE ATT&CK • Experience with detection rule languages (e.g., SPL, KQL) and advanced query development, with an understanding of the underlying data structures and query optimization • Experience writing detections based on diverse security signals and telemetry (e.g., network traffic, endpoint logs, cloud logs), with an engineering approach to signal processing and analysis • Experience with security tools and technologies such as SIEM/SOAR platforms (e.g., Splunk, Sentinel), EDR, IDS/IPS, network traffic analysis tools (e.g., Zeek, Suricata, Yara), and cloud security solutions, with an understanding of their architecture and integration • Experience with programming (e.g., Python, Go, PowerShell, React) for security tooling, automation, and API integrations, with a focus on writing clean, maintainable, and efficient code • Experience analyzing and interpreting large datasets and logs to identify security risks and events, applying data engineering and analysis techniques • Experience with software development fundamentals, CI/CD pipelines, and Detection-as-Code practices, including version control, testing, and automated deployment of detections • Experience with AI and Machine Learning applications in threat detection and security, including the ability to evaluate, implement, and manage AI-based detection solutions and secure AI/ML systems • Experience with data pipeline technologies and architectures, including data collection, ingestion, processing, and storage for security data, with hands-on experience managing and optimizing these systems • Experience with SIEM platform administration, configuration, and optimization, including data onboarding, parsing, correlation rule development, and dashboard creation • Proven ability to collaborate effectively across cross-functional teams, influence stakeholders, and drive consensus, fostering a collaborative engineering environment

🏖️ Benefits

• Paid Time Off: earned time off, as well as paid company holidays based on region • Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement • Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment • Retirement Plans: select retirement and pension programs with potential for employer contributions • Learning and Development: options for coaching, online courses and education reimbursements • Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events