RemoteTips
Back to Jobs
Governance Risk and Compliance
Figma
San Francisco, CA; New York, NY; United States
Full Time
1 hour ago
Mid LevelLegalWorldwide
Over $120K

USD per year

Job Description

Governance Risk and Compliance

Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you're brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you're excited to shape the future of design and collaboration, join us! Figma's GRC team helps build and maintain trust with our users, regulators, business partners, and the organizations that rely on Figma every day. We partner across the company to strengthen security, manage risk, maintain compliance, and scale the programs that support our continued growth. We're growing our team and looking for security, risk, and compliance professionals across several disciplines. Whether your expertise is in compliance, risk management, governance, GRC tooling, or customer trust, you'll have the opportunity to build programs, improve processes, and help shape how Figma scales security and trust.

Roles we hire for on this team:

  • Compliance Management
  • Lead compliance and certification programs across security and regulatory frameworks
  • Manage audit cycles,

partner with external assessors, and drive audit readiness initiatives

  • Improve controls,

processes, and evidence management practices across the organization

  • Security Risk Management
  • Build and maintain risk and controls frameworks that support Figma's security posture
  • Assess,

prioritize, and communicate security risks across the business

  • Develop third-party risk management strategies and enterprise risk reporting programs
  • Policy & Governance
  • Manage the lifecycle of organizational security policies,

standards, and procedures

  • Drive policy awareness and stakeholder engagement across the company
  • Ensure governance practices align with regulatory requirements and business objectives
  • GRC Platforms & Enablement
  • Select,

implement, and optimize GRC platforms and supporting workflows

  • Scale evidence collection,

reporting, and program management capabilities

  • Identify opportunities to automate and streamline GRC operations
  • Customer Trust
  • Support customer trust and business enablement activities across the sales lifecycle
  • Manage security knowledge bases,

customer-facing documentation, and trust publications

  • Respond to customer security inquiries,

audits, and questionnaires This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you'll do at Figma:

  • Lead compliance programs across frameworks such as SOC 2,

ISO 27001, FedRAMP, SOX ITGC, GDPR, and NIS2

  • Manage external audits and certification activities while partnering with auditors and assessors
  • Build and maintain risk and controls frameworks including common control frameworks that support multiple certifications
  • Conduct risk and gap assessments and drive remediation efforts across technical and business stakeholders
  • Improve control effectiveness and operational efficiency through rationalization and process optimization
  • Implement and optimize GRC platforms that scale evidence collection and program management
  • Maintain security policies and governance processes that align with organizational risk objectives
  • Support customer trust initiatives including security questionnaires audits customer-facing communications

We’d love to hear from you if you have:

  • 4+ years of experience in information security compliance risk management or a related field
  • Hands-on experience supporting security compliance frameworks such as SOC 2 ISO 27001 FedRAMP PCI-DSS or SOX ITGC
  • Experience leading or supporting audits partnering with external assessors
  • Demonstrated ability to conduct assessments drive remediation efforts manage cross-functional initiatives
  • Exceptional written verbal communication skills across technical business executive audiences
  • Demonstrated ability to improve processes manage competing priorities build strong cross-functional partnerships

While it’s not required it’s an added plus if you also have:

  • Operated in a public company environment with SOX ITGC requirements
  • Supported FedRAMP authorization SSP development 3PAO coordination continuous monitoring activities
  • Earned security or risk certifications such as CISA CISSP CISM CRISC
  • Implemented or administered GRC platforms such as Vanta Drata or similar tools
  • Scaled security compliance or risk programs in a high-growth environment

At Figma one of our values is Grow as you go We believe in hiring smart curious people who are excited to learn develop their skills If you’re excited about this role but your past experience doesn’t align perfectly with points outlined in job description we encourage you apply anyways You may be just right candidate for this other roles.

Location:

San Francisco CA New York NY United States Remote within US hubs allowed.

Salary Range:

$153000-$296000 USD annually adjusted for remote locations.

Benefits:

Equity health dental vision insurance retirement contributions parental leave supports mental health benefits PTO recharge days learning work from home stipends. Equal Opportunity Employer statement included Reasonable accommodations provided for disabilities during hiring process.

How to Apply
About Figma

Figma is a collaborative interface design tool that enables teams to create, prototype, and share designs in real-time.

Visit company website
View Company Profile