DigitalOcean

The cloud ☁️ of choice for developers, startups, and growing digital businesses around the world.

Senior Security Engineer

Security Engineer | Full Time | Remote | Senior | Team 1,001-5,000 | Since 2011 | H1B Sponsor

Location

California

Posted

3 days ago

Salary

$140K - $175K / year

Seniority

Senior

Postgraduate Degree | 5 yrs exp | English | Assembly | Rust | Go

Job Description

  • Propose and implement mitigations and defense-in-depth to threats discovered through threat modeling the virtualization stack (90%)
  • Provide deep technical expertise in systems architecture, kernel security features and network architecture to build out a threat model for our virtualization stack
  • Identify the trade-offs of different solutions and recommend the efficient design to achieve both functional goals and security requirements.
  • Collaborate with development teams to implement remediations and defense in depth to protect DigitalOcean’s customers’ workloads.
  • Cultivate and promote a security culture (10%)
  • Mentor software engineering teams in security best practices.
  • Help oversee our vulnerability management program.

Job Requirements

  • Deep familiarity with at least one kernel security feature (ex: AppArmor, SELinux, Landlock, etc.)
  • Capable of assessing and understanding the performance implications of code changes to virtualization stacks (especially in Qemu and KVM), built from hands-on experience.
  • A record of partnering with internal engineering teams to tackle security problems across an entire stack with empathy and creativity.
  • Ability to clearly communicate security topics and vulnerability classes (e.g. memory corruption, privilege escalation, TOCTOU, etc) and ability to provide actionable direction to product teams.
  • Working knowledge of modern development concepts (virtualized environments, containerization, continuous integration + delivery).
  • 5+ years of writing systems level code (embedded systems, kernel, assembly or similar).
  • Experience guiding software teams on secure architecture design.
  • Written code for an embedded system (raspberry pi, arduino, etc).
  • Experience building or reviewing threat models and ability to craft malicious user, attacker, and abuse/misuse cases.
  • An understanding of patches and mitigations for hardware side-channel attacks.
  • Familiarity with object oriented and functional programming concepts, particularly with languages such as Go, Rust, or C.

Benefits

  • Employee Assistance Program
  • Local Employee Meetups
  • Flexible time off policy
  • Reimbursement for relevant conferences, training, and education
  • Access to LinkedIn Learning's 10,000+ courses

More Security Engineer Jobs

Physical Security Sales Executive

Unlimited Technology, Inc.

Trusted security integrator providing enterprise-level solutions for physical, electronic, IT, and cyber security.

Full Time | Remote | Team 201-500 | Since 1989 | H1B No Sponsor

  • Responsible for identification, long-term positioning and capture execution for key/strategic opportunities.
  • Develop large, strategic captures in the commercial market space thru a matrixed team of functional and support specialists throughout the engagement from qualification through opportunity closure to include the development of technical solutions and win strategies; develop and execute capture plans, as well as refine bid strategies to enhance proposal readiness.
  • Gathers, assesses, and validates new customer needs, both business and technical, working with Business Development, Project Management (Delivery) and Account Executives (Sales).
  • Works with Account leads to determine appropriate contact plans and technical solutions to meet the customer's requirements and bid strategy to win the opportunity. Identifies customer-wide IT parameters and constraints that impact the solution.
  • Identifies probable competition and evaluates relative strengths and competitive threats
  • Anticipates, understands, and plans for market threats.
  • Understands UT offerings and maps against assessment of client requirements/needs—identifies gaps and strategies to close business.
  • Applies a comprehensive understanding of pricing, baseline pricing strategies, and the evolution of pricing strategies to translate into capture strategies that are competitive and compelling for the customer.

United States
$85K - $100K / year
Full Time | Remote | Team 1,001-5,000 | Since 1973 | H1B No Sponsor

  • Drive the design and implementation of enterprise data protection capabilities across Microsoft 365, endpoints, and cloud platforms
  • Protect sensitive data across its full lifecycle
  • Discover, classify, and secure data while reducing enterprise risk
  • Work across multiple technologies and teams to ensure data security controls are scalable
  • Collaborate with IT, Legal, Compliance, and business stakeholders to ensure sensitive data is identified, classified, and protected
  • Design, deploy, and tune DLP policies across Microsoft Purview DLP
  • Configure and manage labeling policies, trainable classifiers, and exact data match for sensitive data types
  • Integrate DLP capabilities with the Defender suite
  • Monitor DLP incidents, conduct root-cause analysis, and drive policy refinement
  • Partner with data owners across business units to ensure proper classification of structured and unstructured data assets

Missouri
$126.7K - $188.8K / year
Job Closed

Lead Counsel, Cybersecurity

Docusign

Bringing Agreements to Life

Full Time | Remote | Team 5,001-10,000 | Since 2003 | H1B Sponsor

Role Description

Docusign is seeking a skilled and adaptable attorney as a member of the Commercial, Growth, and Trust team, focusing on cybersecurity, to help us support Docusign's mission of providing unmatched confidence and dependability in keeping its customers' data secure. Reporting into our Vice President and Deputy General Counsel, Commercial, Growth and Trust, you will support a best-in-class cybersecurity legal function and be at the forefront of cybersecurity and data protection issues. If you're ready to take on the challenge of shaping the future of cybersecurity in a leading technology company, we want to hear from you. This position is an individual contributor role reporting to the Vice President and Deputy General Counsel, Commercial, Growth and Trust.

Responsibilities

  • Provide expert legal advice to cross-functional teams as it relates to managing cybersecurity risks and compliance with global cybersecurity laws and regulations.
  • Provide legal guidance on regulatory, third-party, and internal security audits, and participate in cross-functional workstreams to scope and perform periodic security hygiene assessments, mitigation, and remediation.
  • Help enhance Docusign's data governance posture, including operations and documentation, employee training and security obligations, promoting a culture of awareness and compliance throughout the organization, policy monitoring, audit, and enforcement, and third-party risk assessments.
  • Collaborate with the global legal team to align security and data practices across the company, ensuring a unified approach to data protection.
  • Support building and improving holistic incident detection and response processes.
  • Provide support and counsel during cybersecurity-related investigations and the response to data incidents, including incident notification and mitigation strategies, to minimize impact and maintain customer trust.
  • Remain up-to-date on relevant data security laws and regulations, industry approaches to data governance program management, and on data compliance and security technological developments, threat vectors, and evolving industry standards to provide solutions to complex issues.
  • Help support thought leadership, prepare board and executive presentations, regulatory filings, and other legal disclosures to ensure accuracy and completeness of cybersecurity representations.
  • Support global AI governance, helping the business teams continue responsible innovation efforts.

Qualifications

  • Juris Doctorate Degree, or equivalent international degree.
  • Active membership in at least one state bar.
  • 12+ years of experience as a practicing attorney in a law firm, government agency, or in-house legal team, with a substantial number of those years focused on cybersecurity and incident response.
  • Experience providing guidance (and teaming with others) to advise on best practices for complying with global privacy and cybersecurity laws and regulations.

Requirements

  • Strategic vision and ability to spot issues, clearly and concisely communicating complex legal issues to a variety of legal and non-legal partners across the company.
  • Experience negotiating, drafting, and updating documents and policies.
  • Excellent attention to detail and organizational skills. Skilled at managing multiple priorities in a fast-paced business and tech-forward environment.
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with different teams and stakeholders.
  • Ability to work calmly with a sense of urgency while prioritizing competing interests.
  • Ability to work independently, and as part of a team, with members across multiple offices in a fast-paced environment.
  • A client-first mentality.
  • Demonstrated ability to maintain strong working relationships with a variety of internal clients.

Benefits

  • Paid Time Off: earned time off, as well as paid company holidays based on region.
  • Paid Parental Leave: take up to six months off with your child after birth, adoption or foster care placement.
  • Full Health Benefits Plans: options for 100% employer paid and minimum employee contribution health plans from day one of employment.
  • Retirement Plans: select retirement and pension programs with potential for employer contributions.
  • Learning and Development: options for coaching, online courses and education reimbursements.
  • Compassionate Care Leave: paid time off following the loss of a loved one and other life-changing events.

United States
$157.1K - $300.6K / year
Job Closed

Director, Cybersecurity Governance, Risk and Compliance

DIRECTV

BEAM IT. STREAM IT. We're doubling down with two ways to watch what you love. Welcome to the new DIRECTV.

Full Time | Remote | Team 10,001+ | Since 1994 | H1B Sponsor

  • Lead the enterprise Cybersecurity Governance Program
  • Develop and maintain cybersecurity KPIs, KRIs, scorecards, and executive reporting
  • Prepare and facilitate monthly Cybersecurity Governance Reviews and executive presentations
  • Track cybersecurity initiatives, remediation activities, and strategic priorities
  • Drive accountability for cybersecurity performance across the organization
  • Lead enterprise cyber risk identification, assessment, reporting, and remediation programs
  • Maintain cybersecurity risk registers and risk treatment plans
  • Facilitate risk reviews with business and technology stakeholders
  • Present cybersecurity risk posture to senior leadership
  • Own cybersecurity policies, standards, procedures, and governance frameworks
  • Ensure alignment with industry standards and regulatory requirements
  • Maintain governance processes supporting cybersecurity decision-making
  • Lead cybersecurity compliance activities supporting PCI DSS, SOX, regulatory, and contractual requirements
  • Coordinate internal and external audits
  • Manage remediation efforts resulting from audit findings and assessments
  • Maintain cybersecurity control documentation and evidence repositories
  • Lead Supplier Information Security Requirement (SISR) governance and oversight
  • Manage third-party cybersecurity risk assessments and monitoring
  • Partner with Procurement, Legal, and Vendor Management organizations to ensure supplier security compliance
  • Lead enterprise cybersecurity awareness, training, and phishing simulation programs
  • Establish metrics to measure effectiveness and maturity
  • Drive continuous improvement of employee cybersecurity culture
  • Provide governance oversight of various security assurance and testing programs
  • Ensure testing results are tracked, reported, and remediated appropriately
  • Lead and develop cybersecurity governance personnel and contractors
  • Manage vendor and consulting relationships supporting GRC activities
  • Establish goals, objectives, and performance measures for the organization
  • Build a scalable governance function supporting DIRECTV's cybersecurity strategy.

California
$147.8K - $268.3K / year