Join the Base10 family

Open opportunities with founders believing purpose is key
to profits and companies solving problems for the 99%

Security Compliance Manager



San Francisco, CA, USA · New York, NY, USA · United States
Posted on Wednesday, August 16, 2023

Figma is growing our team of passionate people on a mission to make design accessible to all. Born on the Web, Figma helps entire product teams brainstorm, create, test, and ship better designs, together. From great products to long-lasting companies, we believe that nothing great is made alone—come make with us!

As a Security Compliance Manager at Figma, you will help the Commercial Security Compliance team manage and improve existing Compliance Certification/Framework programs, while also developing customer-facing collateral to enable our Sales teams in closing deals from a security compliance perspective. This is an excellent opportunity to drive efficiencies, reduce process friction, and strategically scale our compliance programs to support a hyper growth company.

What you’ll do at Figma:

  • Refresh and maintain customer-facing trust tooling (i.e. Conveyor, CyberGRX, SecurityPal) with the most up-to-date information about our Security Compliance program
  • Develop customer-facing security compliance collateral (i.e. white-papers, architecture diagrams, CAIQ/SIG)
  • Work with sales on customer security due diligence, including security questionnaires, and resolve current or prospective compliance requests
  • Set a vision and strategy for a customer audit program to help facilitate and streamline customer audits
  • Maintain existing Security Compliance Certifications and Frameworks (i.e. SOC 2 Type II, ISO 27001)
  • Serve as a subject matter authority for applicable compliance standards and be a valued partner to the business and engineering teams in the implementation of the standards
  • Gap assess new in-scope tools and new hosting regions/environments against existing controls and processes
  • Help drive and improve Annual Operational Activities (i.e. Quarterly Privileged User Access Reviews)
  • Refine Figma’s Common Control Framework through control rationalization efforts
  • Configure compliance automation tooling to help achieve continuous monitoring and automated evidence collection for external audits
  • Align changes made to existing controls and processes to the Information Security and Data Privacy Policies

We'd love to hear from you if you have:

  • 3+ years of security compliance or IT compliance experience
  • Experience working with various security compliance frameworks (i.e. ISO 27001, SOC 2, NIST)
  • Experience conducting compliance gap assessments and working cross-functionally to remediate any identified issues
  • Experience leading or supporting external audits
  • Experience dealing with customer security questionnaires and building helpful compliance-related sales materials
  • Experience planning, coordinating, and prioritizing multiple sophisticated projects to completion
  • Experience writing and improving security and data privacy policies
  • Experience with control rationalization and drafting control narratives
  • Experience establishing work relationships across multi-disciplinary teams (i.e. Security, Engineering, Legal, IT, HR, etc.)
At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.

Pay Transparency Disclosure

If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below.

Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.

Figma offers equity to employees, as well a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement. Figma also offers sales incentive pay for most sales roles. Figma’s compensation and benefits are subject to change and may be modified in the future.

Annual Base Salary Range (SF/NY Hub):
$131,000$231,000 USD

We will work to ensure individuals with disabilities are provided reasonable accommodation to participate in the interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please let your recruiter know if you require accommodation.

About Figma

Dylan Field and Evan Wallace co-founded Figma in 2012 with the vision of building tools for designers in the browser. Their goal was to create the first design tool that combined the accessibility of the Web with the functionality of a native app. Today Figma is a platform with tools and spaces to support the entire product development process—idea to design to build—and has simplified collaboration for companies like Microsoft, Uber, and The New York Times to name a few.

At Figma, we celebrate and support our differences. We know employing a team rich in diverse backgrounds, experiences, and opinions allows our employees, products, and community to flourish. Figma is an equal opportunity workplace—we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national orientation, sexual orientation, age, citizenship, marital status, disability, gender identity, or Veteran status. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.

By applying for this job, the candidate acknowledges and agrees that any personal data contained in their application or supporting materials will be processed in accordance with the applicable candidate section of Figma's Privacy Policy.