Cloud Security Engineer

Company OverviewDocusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign's Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM).What you'll doAs a Cloud Security Engineer focused on AI security, you will shape how we safely adopt AI by ensuring vendor-provided AI and ML solutions are thoroughly tested, hardened, and deployed securely. You'll work closely with engineering and data science teams to go beyond compliance-actively probing for vulnerabilities, validating data handling, and building strong controls for third-party AI technologies. Your expertise will enable secure, responsible AI integration and help the business innovate with confidence while maintaining a strong security posture.This position is an individual contributor role reporting to the Director, Platform Security.ResponsibilityInspect and validate how vendor AI/ML models handle sensitive data during ingestion and inference, including testing for data leakage, memorization, encryption, and tenant isolationDesign and implement secure integration patterns for AI solutions in the cloud, such as API gateways and sandboxing, and partner with the red team to assess and strengthen input/output flowsBuild and maintain monitoring hooks and guardrails to detect model misuse, drift, anomalous output, or potential data exfiltrationImplement technical safeguards and automation, including filtering layers, rate-limiting, DLP for prompts/responses, and synthetic data pipelines to minimize sensitive data exposureCollaborate with engineering, data science, and security teams to embed security into AI development and deployment workflowsPartner with platform engineers and security architects to develop secure deployment patterns and reusable reference architecturesConduct threat modeling for AI/ML-specific attack surfaces (e.g., model inversion, membership inference, data poisoning, adversarial examples) and drive mitigationsSupport incident response and remediation for security events involving AI systemsDocument security processes, runbooks, and best practices for AI in the cloudStay current with emerging threats and best practices in AI and cloud securityJob DesignationHybrid: Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation)Positions at Docusign are assigned a job designation of either In Office, Hybrid or Remote and are specific to the role/job. Preferred job designations are not guaranteed when changing positions within Docusign. Docusign reserves the right to change a position's job designation depending on business needs and as permitted by local law.What you bringBasic2+ years of experience in cloud security engineering, application security, or related fieldBachelor's or Master's degree in Computer Science, Information Security, or related technical field (or equivalent experience)Experience with penetration testing, application security, or offensive security, including applied knowledge of AI/ML attack vectorsExperience in testing APIs, cloud SaaS integrations, and vendor platforms for vulnerabilitiesExperience with AI/ML pipelines and associated risks (e.g., model training vs. inference,

Created: 2026-01-12