Manager, Security Operations
Lead Figma's security operations program, owning monitoring, incident response, SIEM/SOAR automation, and threat intelligence. Requires 7+ years in security operations or incident response with deep SIEM/SOAR expertise.
What you'll do at Figma:
- Own Figma's security monitoring and incident response program, from detection engineering through post-incident review and continuous improvement
- Build and automate security operations workflows, including alert triage, enrichment, investigation, and response actions using SOAR and custom tooling
- Develop and maintain incident response runbooks, escalation procedures, and communication plans for security events of varying severity
- Lead incident response preparedness initiatives, including tabletop exercises, red team engagements, and response capability assessments
- Improve the effectiveness of our SIEM and SOAR platforms by reducing noise, increasing signal fidelity, and closing detection coverage gaps
- Build and operationalize threat intelligence capabilities to identify adversary behaviors, prioritize investments, and strengthen detection and response programs
- Partner with Legal, Privacy, and Communications teams to support breach notification and regulatory response obligations during significant security incidents
- Drive security operations strategy through vendor management, operational metrics, and cross-functional initiatives spanning IAM, vulnerability management, DLP, and exposure reduction
We'd love to hear from you if you have:
- 7+ years of experience in security operations, incident response, or a related security engineering function
- Hands-on experience building and automating detection and response workflows using scripting, APIs, or security automation platforms
- Deep expertise with SIEM and SOAR technologies in a cloud-native or SaaS environment
- Demonstrated success building, scaling, or significantly improving a detection and response program
- Experience leading complex security incidents and partnering with Legal, Privacy, and business stakeholders during high-impact events
Nice to have:
- Operated in a public company environment with SOX, ISO 27001, SOC 2, or FedRAMP requirements
- Applied AI risk management frameworks such as NIST AI RMF, OECD AI Principles, or ISO 42001
- Utilized AI-powered tools to automate security operations workflows and improve team efficiency
Security Engineer, Corporate Security
Hands-on Corporate Security Engineer to own and improve technical controls across identity, endpoints, SaaS, and workforce infrastructure. Build scalable automation and partner with IT, Infrastructure, GRC, and Detection & Response.
Senior Manager, Technology Risk
Lead second-line technology and information security risk oversight for a de novo national bank, establishing the 2LOD technology risk framework and providing independent oversight of IT, cybersecurity, and cloud infrastructure.
Director, Detection Engineering & Threat Hunting
Strategic leader to own the Detection Engineering & Threat Hunting function, managing managers and aligning defensive strategy with company goals. Requires 5+ years of cybersecurity experience with a manager-of-managers background.