Lead compliance and certification programs across security and regulatory frameworks
Manage audit cycles, partner with external assessors, and drive audit readiness initiatives
Improve controls, processes, and evidence management practices across the organization
Build and maintain risk and controls frameworks that support Figma's security posture
Develop third-party risk management strategies and enterprise risk reporting programs
Manage the lifecycle of organizational security policies, standards, and procedures
Drive policy awareness and stakeholder engagement across the company
Ensure governance practices align with regulatory
Select, implement, and optimize GRC platforms and supporting workflows
Scale evidence collection, reporting, and program management capabilities
Identify opportunities to automate and streamline GRC operations Customer Trust
Support customer trust and business enablement activities across the sales lifecycle
Manage security knowledge bases, customer-facing documentation, and trust publications
Lead compliance programs across frameworks such as SOC 2, ISO 27001, FedRAMP, SOX ITGC, GDPR, and NIS2
Manage external audits and certification activities while partnering with auditors and assessors
Build and maintain risk and controls frameworks, including common control frameworks that support multiple certifications
Conduct risk and gap assessments and drive remediation efforts across technical and business stakeholders
Improve control effectiveness and operational efficiency through rationalization and process optimization
Implement and optimize GRC platforms that scale evidence collection and program management
Maintain security policies and governance processes that align with organizational risk objectives
Support customer trust initiatives, including security questionnaires, audits, and customer-facing security communications
Requirements
Figma’s platform helps teams bring ideas to life—whether you're brainstorming, creating a prototype, translating designs into code, or iterating with AI.
From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world.
Figma's GRC team helps build and maintain trust with our users, regulators, business partners, and the organizations that rely on Figma every day.
Whether your expertise is in compliance, risk management, governance, GRC tooling, or customer trust, you'll have the opportunity to build programs, improve processes, and help shape how Figma scales security and trust.
experience in information security, compliance, risk management, or a related field Hands-on
experience supporting security and compliance frameworks such as SOC 2, ISO 27001, FedRAMP, PCI-DSS, or SOX ITGC •
Experience leading or supporting audits and partnering with external assessors
Demonstrated ability to conduct assessments, drive remediation efforts, and manage cross-functional initiatives
Demonstrated ability to improve processes, manage competing priorities, and build strong cross-functional partnerships
Earned security or risk certifications such as CISA, CISSP, CISM, or CRISC
Additionally, if hired you will be required to attend in person onboarding.
Experience
We’d love to hear from you if you have: 4+ years of
Benefits
If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.
Job level and actual compensation will be decided based on factors including, but not limited to, individual
For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range.
Figma offers equity to employees, as well a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement. Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales
Figma’s compensation and
Annual Base Salary Range: $153,000 — $296,000 USD
Contact
If you require accommodation, please reach out to accommodations-ext@figma.com .
Additional details
Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all.
If you're excited to shape the future of design and collaboration, join us!
We partner across the company to strengthen security, manage risk, maintain compliance, and scale the programs that support our continued growth.
We're growing our team and looking for security, risk, and compliance professionals across several disciplines.
Assess, prioritize, and communicate security risks across the business
Respond to customer security inquiries, audits, and questionnaires
This is a full time role that can be held from one of our US hubs or remotely in the United States.
Exceptional written and verbal communication skills across technical, business, and executive audiences
While it’s not required, it’s an added plus if you also have:
Operated in a public company environment with SOX ITGC requirements