# Security Engineer

**Company:** [Figma](https://hotfix.jobs/companies/figma)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $149k – $350k/yr
**Experience:** 5+ years
**Skills:** Threat Modeling, Code Audits, Design Reviews, Penetration Testing, Cloud Security, IAM, Application Security, Python, JavaScript, Go
**Posted:** 2026-03-16

> Security Engineer drives security improvements across Figma's AI, platform, product, and anti-abuse teams through assessments, tooling development, threat detection, and incident response. Requires 5+ years engineering experience, strong security judgment, and proficiency in a general-purpose language.

## Job Description

## Responsibilities
**AI Security:**
- Perform technical security assessments, code audits, and design reviews for new AI infrastructure, platforms, and products.
- Design and develop technical solutions to secure AI models, tooling, debugging workflows, and data pipelines.
- Advocate for secure practices across Figma's AI infrastructure, platforms, and data systems.
- Build internal AI-powered access insights and security tooling.
- Help run penetration testing and offensive security exercises against AI infrastructure.

**Platform Security:**
- Perform technical security assessments, code audits, and design reviews for cloud and corporate infrastructure changes.
- Design and develop solutions to prevent or mitigate cloud and corporate security risks.
- Advocate for secure practices within cloud and corporate infrastructure.
- Build platforms and tooling to detect and respond to infrastructure and corporate security threats.

**Product Security:**
- Perform technical security assessments, code audits, and design reviews for new product features.
- Design and develop solutions to prevent or mitigate product security vulnerabilities.
- Advocate for secure development practices across products and services.
- Help run penetration testing, offensive security exercises, and support bug bounty program.
- Help respond to product security incidents.

**Anti-Abuse:**
- Design and build technical systems to prevent spam, fraud, and abuse.
- Partner with product teams to identify and address potential abuse vectors.
- Develop new signals and improve existing signals to detect abusive behavior.
- Help respond to spam, fraud, and abuse incidents.

## Requirements
- 5+ years of proven engineering experience in Security Engineering or Software Engineering (with some security experience preferred).
- Strong security judgment in threat modeling and risk prioritization **and/or** strong technical judgment in designing and building maintainable, scalable systems.
- Proficiency in at least one general-purpose coding language.
- Strong communication and interpersonal skills, with demonstrated experience collaborating across functions.

## Nice-to-Haves
- Subject matter expertise in Application Security, Cloud Security, Corporate Security, Data Access Governance, and/or IAM (Identity and Access Management).
- Demonstrated ability to make hard prioritization decisions in security controls.

## Similar roles

- [Cloud Security Engineer](https://hotfix.jobs/jobs/543dd116-127a-4348-a38f-4a5c025af160) - Virta Health - Remote - $149k – $188k/yr
- [Software Engineer, Identity](https://hotfix.jobs/jobs/95795ec8-bfd1-44c8-a7a1-b16c9be3d31b) - Mercor - San Francisco, CA - $150k – $325k/yr
- [IT Security Operations Engineer](https://hotfix.jobs/jobs/ab8df8f3-05c1-4b41-a516-c95445575498) - AKASA - San Francisco, CA - $150k – $190k/yr
- [Security Engineer](https://hotfix.jobs/jobs/79d32979-efc0-42db-8089-267517d351aa) - Novig - New York, NY - $150k – $200k/yr
- [Governance, Risk & Compliance Engineer](https://hotfix.jobs/jobs/5dc30200-7d11-41fc-9e8e-f0f18b5b8caf) - Fal - San Francisco, CA - $150k – $250k/yr

**Apply:** https://hotfix.jobs/jobs/8913deb3-fccc-48ca-84a7-d452d7457cb2
**Canonical:** https://hotfix.jobs/jobs/8913deb3-fccc-48ca-84a7-d452d7457cb2