Lead compliance, risk management, governance, and customer trust programs across security frameworks including SOC 2, ISO 27001, FedRAMP, and SOX. Requires 4+ years in information security or compliance with audit and cross-functional experience.
153k – 296k/yr
Remote4+ YOEOther
About the role
Compliance Management
Lead compliance and certification programs across security and regulatory frameworks
Manage audit cycles, partner with external assessors, and drive audit readiness initiatives
Improve controls, processes, and evidence management practices across the organization
Security Risk Management
Build and maintain risk and controls frameworks that support Figma's security posture
Assess, prioritize, and communicate security risks across the business
Develop third-party risk management strategies and enterprise risk reporting programs
Policy & Governance
Manage the lifecycle of organizational security policies, standards, and procedures
Drive policy awareness and stakeholder engagement across the company
Ensure governance practices align with regulatory requirements and business objectives
GRC Platforms & Enablement
Select, implement, and optimize GRC platforms and supporting workflows
Scale evidence collection, reporting, and program management capabilities
Identify opportunities to automate and streamline GRC operations
Customer Trust
Support customer trust and business enablement activities across the sales lifecycle
Manage security knowledge bases, customer-facing documentation, and trust publications
Respond to customer security inquiries, audits, and questionnaires
What you'll do at Figma
Lead compliance programs across frameworks such as SOC 2, ISO 27001, FedRAMP, SOX ITGC, GDPR, and NIS2
Manage external audits and certification activities while partnering with auditors and assessors
Build and maintain risk and controls frameworks, including common control frameworks that support multiple certifications
Conduct risk and gap assessments and drive remediation efforts across technical and business stakeholders
Improve control effectiveness and operational efficiency through rationalization and process optimization
Implement and optimize GRC platforms that scale evidence collection and program management
Maintain security policies and governance processes that align with organizational risk objectives
Support customer trust initiatives, including security questionnaires, audits, and customer-facing security communications
We'd love to hear from you if you have
4+ years of experience in information security, compliance, risk management, or a related field
Hands-on experience supporting security and compliance frameworks such as SOC 2, ISO 27001, FedRAMP, PCI-DSS, or SOX ITGC
Experience leading or supporting audits and partnering with external assessors
Demonstrated ability to conduct assessments, drive remediation efforts, and manage cross-functional initiatives
Exceptional written and verbal communication skills across technical, business, and executive audiences
Demonstrated ability to improve processes, manage competing priorities, and build strong cross-functional partnerships
Nice to have
Operated in a public company environment with SOX ITGC requirements
Compliance Manager advising on information security, data sharing, vendor oversight, and regulatory matters for funding, lending, and card products. Lead remediation, build policies, and partner cross-functionally at a Series C fintech serving small businesses.
155k – 170k/yr
Hybrid3+ YOEOther
Residency Manager
AsteraEmeryville, CA
Own end-to-end operations for Astera's fully-funded research Residency program, serving as primary point of contact for residents while managing selection, onboarding, needs anticipation, and scaling processes in a fast-moving early-stage environment. Requires 5-10 years operations or program management experience, exceptional organization, and cultural alignment with ambitious science and technology goals.
150k – 250k/yr
On-site5+ YOEOther
Site Manager, Datacenter Operations
FluidstackBuffalo, NY
Lead and scale operations teams of 10+ across multiple datacenter facilities. Own 24x7 uptime, reliability, and SLA performance while managing infrastructure lifecycle, team development, and cross-functional coordination.
150k – 200k/yr
On-site5+ YOEOther
Payment Operations Manager
CardlessSan Francisco, CA
Manages and scales payment operations infrastructure for credit card programs, handling processors, banks, networks, and automations. Requires 5+ years in payments, strong SQL, and experience with reconciliation and card lifecycles.
150k – 180k/yr
On-site5+ YOEOther
AI Systems Specialist
RoktNew York, NY
Support and improve core business/finance systems (incl. NetSuite) while driving AI and automation adoption. Partner with Finance, Security, and People teams on workflows, documentation, and integrations. Ideal for someone with 3-5 years in systems or consulting who is technically curious.