# Manager, Security Operations

**Company:** [Figma](https://hotfix.jobs/companies/figma)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $185k – $296k/yr
**Experience:** 7+ years
**Skills:** SIEM, Soar, Incident Response, Detection Engineering, Threat Intelligence, Scripting, APIs, IAM, Vulnerability Management, Dlp
**Posted:** 2026-06-05

> Lead Figma's security operations program, owning monitoring, incident response, SIEM/SOAR automation, and threat intelligence. Requires 7+ years in security operations or incident response with deep SIEM/SOAR expertise.

## Job Description

## What you'll do at Figma:

- Own Figma's security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement
- Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling
- Develop and maintain incident response run books, escalation procedures, and communication plans for security events of varying severity
- Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments
- Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps
- Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs
- Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents
- Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction

## We'd love to hear from you if you have:

- 7+ years of experience in security operations, incident response, or a related security engineering function
- Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms
- Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment
- Demonstrated success building, scaling, or significantly improving a detection and response program
- Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events

## Nice to have:

- Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements
- Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001
- Utilized AI-powered tools to automate security operations workflows and improve team efficiency

## Similar roles

- [Senior Security Engineer, Platform Security](https://hotfix.jobs/jobs/583ea96d-dc9e-4baf-81ba-b234801f6222) - Square - San Francisco, CA - $185k – $327k/yr
- [Senior Software Engineer, AI Tools and Security](https://hotfix.jobs/jobs/84909527-3a1c-4d07-874d-32c147adfbf9) - Docker - Remote - $185k – $261k/yr
- [Senior Software Engineer](https://hotfix.jobs/jobs/864449cc-687d-4d9c-bb94-148add05c298) - Coinbase - Remote - $186k – $219k/yr
- [Senior Cloud Security Engineer - K8s](https://hotfix.jobs/jobs/296dd115-8beb-4784-973a-172eedd483ad) - Datadog - New York, NY - $187k – $240k/yr
- [Senior Offensive Security Engineer](https://hotfix.jobs/jobs/e0c7d245-1099-4c20-86c2-6e47b05b00f2) - Chime - San Francisco, CA - $181k – $250k/yr

**Apply:** https://hotfix.jobs/jobs/3705296e-f464-4789-af14-32e93bbaa11c
**Canonical:** https://hotfix.jobs/jobs/3705296e-f464-4789-af14-32e93bbaa11c