Risk Compliance Consultant

Post Date: Oct 30, 2023

Location: San Francisco, California

ZIP/Postal Code: 94105 US

Jul 20, 2025 Insight Global

Job Type: Contract

Category: Audit

Req #: SJC-661072

Pay Rate: $55 - $82 (hourly estimate)

Job Description

Issue Management



Triage issues to accurately assess and capture them within the GRC tool

Manage and enhance the issue reporting metrics

Operationalize SLAs for issue management

Integrate the issue program across DocuSign processes and measure the effectiveness of the integrations

Effectively document, review, and enhance the issue management standard, methodologies, policy or operating procedures

Provide subject matter expertise on issues tracked by issue management

Evaluate remediation efforts, including the design and effectiveness of operational controls, based on industry best practice models and in accordance with risk and compliance requirements

Engage with your stakeholders to identify issues and understand their needs and challenges, so you can proactively find ways your program can support them





Risk Management

Identify, assess, monitor, and report risks with minimal supervision

Complete targeted risk assessments based on DocuSign framework as well as industry requirements

Operationalize SLAs for risk management

Support and enhance the risk reporting metrics

Integrate the risk program across DocuSign processes and measure the effectiveness of the integrations

Support documentation, review, and enhancement of the risk management standard, methodologies, policy or operating procedures

Provide subject matter expertise on risks tracked by risk management

Evaluate mitigation efforts, including the design and effectiveness of operational controls, based on industry best practice models and in accordance with risk and compliance requirements

Engage with your stakeholders to identify issues and understand their needs and challenges, so you can proactively find ways your program can support them



Data Security Governance

Conduct data security assessments based on DocuSign and industry standard best practices and bring recommendations for security posture improvement

Perform IAM-focused assessments on DocuSign internal applications and systems to ensure compliance with internal IAM Standards and best practices

Update inventory of critical applications and systems and ensure they undergo standardized account recertifications, have appropriate IAM processes, and are accessed through a standardized SSO solution

Identify data security threats/risks through collaborating with other Data Security team members/application & system owners/stakeholders

Map data flow diagrams to provide visibility into where sensitive data resides and document how it is adequately secured

Provide ongoing reporting to the data security and access governance program

Respond to and follow up on Data Security questions/concerns and provide cybersecurity/technical advisory

Required Skills & Experience

- 5+ years of experience conducting security risk assessments

- Experience with PCI framework (4.0 preferred)

- Targeted risk assessment experience

- Previously worked as a consultant who has run audits

- 5+ years of experience in GRC, specifically risk

- Extensive knowledge of risk methodologies

(THIS IS NOT AN OPERATIONAL RISK ROLE)

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.