Job Details

Company Overview

Docusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now, these were disconnected from business systems of record, costing businesses time, money, and opportunity. Using Docusign's Intelligent Agreement Management platform, companies can create, commit, and manage agreements with solutions created by the #1 company in e-signature and contract lifecycle management (CLM).

What you'll do

As an Insider Risk Forensic Investigator, you will be responsible for leading and conducting complex investigations into potential insider threats, data loss, policy violations, and other security incidents involving employees, contractors, or trusted partners. This role combines digital forensics, behavioral analysis, and investigative expertise to identify, assess, and mitigate risks posed by insiders. This role also will collaborate with cross-functional teams, develop investigative strategies, and provide actionable recommendations to protect the organization's assets and reputation.

This position is an individual contributor role reporting to the Senior Director, US Public Sector Compliance.

Responsibilities

• Lead and manage end-to-end investigations into suspected insider threats, data breaches, intellectual property theft, fraud, and other security incidents
• Collect, preserve, and analyze digital evidence from endpoints, servers, cloud environments, and other data sources in accordance with legal and regulatory requirements
• Utilize forensic tools and techniques to reconstruct events, identify root causes, and determine the scope and impact of incidents
• Develop and implement investigative protocols, workflows, and best practices for insider risk investigations
• Collaborate with Legal, HR, IT, Compliance, and other stakeholders to ensure thorough and legally defensible investigations
• Prepare detailed investigative reports and present findings to executive leadership
• Monitor and analyze user behavior analytics, data loss prevention (DLP) alerts, and other security telemetry to proactively identify potential insider risks
• Maintain up-to-date knowledge of emerging threats, investigative methodologies, and relevant laws and regulations
• Mentor and train junior investigators and team members on forensic and investigative techniques
• Support the development and continuous improvement of the organization's insider risk program

Job Designation

Hybrid: Employee divides their time between in-office and remote work. Access to an office location is required. (Frequency: Minimum 2 days per week; may vary by team but will be weekly in-office expectation)

What you bring

Basic requirements include:

• BS/BA degree or equivalent in digital investigation forensic computing
• 8+ years of experience in digital forensics, incident response, or insider threat investigations.
• Experience with forensic tools (e.g., EnCase, FTK, X-Ways, Cellebrite), SIEM, DLP, and endpoint detection platforms
• Experience with behavioral analytics, user activity monitoring, and risk assessment methodologies

Preferred qualifications include:

• Exposure to programming, scripting and query languages such as Python, SQL
• Experience with digital forensics as part of legal proceedings
• Understanding of legal, regulatory, and privacy considerations related to investigations

Wage Transparency

Pay for this position is based on a number of factors including geographic location and may vary depending on job-related knowledge, skills, and experience.

Based on applicable legislation, the pay range in California is: $157,500.00 - $254,350.00 base salary

This role is also eligible for bonus, stock, and benefits, including paid time off, paid parental leave, full health benefits plans, retirement plans, learning and development opportunities, and compassionate care leave.

Equal Opportunity Employer

Docusign is an Equal Opportunity Employer and makes hiring decisions based on experience, skill, aptitude and a can-do approach. We will not discriminate based on race, ethnicity, color, age, sex, religion, national origin, ancestry, pregnancy, sexual orientation, gender identity, gender expression, genetic information, physical or mental disability, registered domestic partner status, caregiver status, marital status, veteran or military status, or any other legally protected category.