Figma
Technology
GovernanceRiskandCompliance
Neural analysis suggests this role is
optimal for Mid+ candidates.
“Governance Risk and Compliance at Figma. Skills: Governance Risk Compliance, Security, Risk Management, Compliance. Lead compliance programs. Manage audit cycles”
Industry & Context.
Root cause analysis; Troubleshooting
In person onboarding
What They're Looking For.
Must Have
4+ years experience in information security, 4+ years experience in compliance, 4+ years experience in risk management, Hands-on supporting security frameworks, Hands-on supporting compliance frameworks, Experience leading audits, Experience supporting audits, Partnering with external assessors, Conduct assessments, Drive remediation efforts, Manage cross-functional initiatives, Exceptional written communication skills, Exceptional verbal communication skills, Improve processes, Manage competing priorities, Build cross-functional partnerships
Nice to Have
Operated in public company, SOX ITGC requirements experience, Supported FedRAMP authorization, SSP development experience, 3PAO coordination experience, Continuous monitoring activities experience, Security certifications, Risk certifications, GRC platforms implementation, GRC platforms administration, Scale security programs, Scale compliance programs, Scale risk programs
What You'll Do.
Lead compliance programs
Partner with external assessors
Drive audit readiness
Manage evidence practices
Build risk frameworks
Maintain risk frameworks
Support security posture
Assess security risks
Prioritize security risks
Communicate security risks
Develop third-party risk strategies
Develop enterprise risk reporting
Manage policy lifecycle
Manage standards lifecycle
Manage procedures lifecycle
Drive policy awareness
Drive stakeholder engagement
Align governance practices
Implement GRC platforms
Optimize GRC platforms
Scale evidence collection
Scale reporting capabilities
Scale program management
Identify automation opportunities
Streamline GRC operations
Support customer trust activities
Support business enablement
Manage security knowledge bases
Manage customer-facing documentation
Manage trust publications
Respond to customer inquiries
Respond to customer audits
Respond to customer questionnaires
Lead compliance programs
Manage external audits
Manage certification activities
Partner with auditors
Partner with assessors
Build risk controls frameworks
Maintain risk controls frameworks
Support multiple certifications
Conduct risk assessments
Conduct gap assessments
Drive remediation efforts
Improve control effectiveness
Improve operational efficiency
Implement GRC platforms
Optimize GRC platforms
Scale evidence collection
Scale program management
Maintain security policies
Maintain governance processes
Align organizational risk objectives
Support customer trust initiatives
Respond to security questionnaires
Respond to customer audits
Respond to customer communications
How You'll Work.
Team & Collaboration
Cross-functional initiatives; Cross-functional teams; Business stakeholders; Technical stakeholders; Executive audiences
Communication Scope
Written communication; Verbal communication; Technical communication; Business communication; Executive communication; Customer-facing communication
Process & Methodology
Program management
Full Job Description
Figma is growing our team of passionate creatives and builders on a mission to make design accessible to all. Figma’s platform helps teams bring ideas to life—whether you're brainstorming, creating a prototype, translating designs into code, or iterating with AI. From idea to product, Figma empowers teams to streamline workflows, move faster, and work together in real time from anywhere in the world. If you're excited to shape the future of design and collaboration, join us! Figma's GRC team helps build and maintain trust with our users, regulators, business partners, and the organizations that rely on Figma every day. We partner across the company to strengthen security, manage risk, maintain compliance, and scale the programs that support our continued growth. We're growing our team and looking for security, risk, and compliance professionals across several disciplines. Whether your expertise is in compliance, risk management, governance, GRC tooling, or customer trust, you'll have the opportunity to build programs, improve processes, and help shape how Figma scales security and trust. Roles we hire for on this team: Compliance Management Lead compliance and certification programs across security and regulatory frameworks Manage audit cycles, partner with external assessors, and drive audit readiness initiatives Improve controls, processes, and evidence management practices across the organization Security Risk Management Build and maintain risk and controls frameworks that support Figma's security posture Assess, prioritize, and communicate security risks across the business Develop third-party risk management strategies and enterprise risk reporting programs Policy & Governance Manage the lifecycle of organizational security policies, standards, and procedures Drive policy awareness and stakeholder engagement across the company Ensure governance practices align with regulatory requirements and business objectives GRC Platforms & Enablement Select, implement, and
Applying for this Governance Risk and Compliance role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Greenhouse
- Create a Greenhouse profile before applying — it saves time across multiple applications.
- Upload your resume as a PDF; the parser handles it better than Word.
- Answer all knockout questions carefully — wrong answers auto-reject before a human sees you.
- Enable email notifications to track application status in real time.
ANONYMOUS · UNFILTERED
What do employees actually say about Figma?
Real rants from real employees. Read before you apply.