Governance, Risk & Compliance Associate

San Francisco, CA
Figma is adding to our team of passionate people who are revolutionizing the world of design. We are building a browser-based design tool that looks and feels as good as a native application and has all the additional power and advantages that come from being built upon the web platform. If you’re looking to work at a dynamic company that is building the future of design tools, welcome to Figma.

As the first Governance, Risk and Compliance hire for Figma, you will be responsible for all day-to-day aspects of Figma’s IT security, governance, risk and assurance processes and will play a meaningful role in building out the company’s overall security practice. You will engage various process owners in the design, evaluation, documentation and monitoring of the appropriate security controls in our computing environment, and you will lead external audits. It is essential that you have hands-on experience in IT assurance and operational audits, as well as prior hands-on IT experience. You will report to the Head of Finance and Business Operations.


    • Perform gap analysis and security risk assessments to determine if the company’s information assets are protected from internal and external threats and are aligned with regulatory requirements
    • Work cross-functionally to develop, implement, test and maintain various security processes, controls and training programs
    • Conduct internal security audits and provide technical and business recommendations to process owners to remediate all findings
    • Work with the Security team in identifying technical security gaps as reported by internal and external customers
    • Perform other IT security and assurance-related tasks as assigned by management
    • Manage third-party vendor security assessments
    • Develop and provide training to improve the security awareness and knowledge of all employees and contractors

What we value

    • 3-5+ years in information security assurance and audit such as SOC 2 and ISO 27001
    • Hands-on experience in cloud technologies and security
    • Knowledgeable in various IT security frameworks and best practices, such as Privacy Shield and GDPR
    • Knowledgeable in both qualitative and quantitative risk assessment methodologies
    • Excellent leadership, interpersonal, verbal and written communication, presentation, and problem-solving skills
    • Ability to learn quickly and take on challenging new projects with enthusiasm
    • Strong cross-functional team program management abilities, including managing multiple assessments concurrently with different stakeholders and timelines

About Figma

Figma is the open design company founded in 2012 by Dylan Field and Evan Wallace. With our cloud-based screen design tool, teams achieve a shared understanding around design without worrying about syncing, exporting or installing software. Anyone involved in the product development process can share always up-to-date files with a link. That makes it easy to collaborate on the latest designs and prototypes and see their code attributes. 

Figma has simplified collaboration across the entire design process for thousands of companies like Microsoft, Slack and Uber; and users, including designers, developers, product managers, marketers and others. To learn more and sign up for a free account visit

At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace. We are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national orientation, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.