Security Compliance Analyst - Figma San Francisco, California, United States Bookmark Share Print 347 0 0

Listing Description

As a Security Compliance Analyst at Figma, you will help the Manager of Commercial Security Compliance oversee and manage the audit certification lifecycles for current and future compliance initiatives. You'll help drive our certification roadmaps based on customer requirements while ensuring committed assessments are delivered on schedule. This is a superb opportunity to drive efficiencies, reduce process friction, and strategically scale our compliance programs to support a hyper growth company.


What you’ll do at Figma:



  • Maintain existing Security Compliance Certifications and Frameworks (i.e. SOC 2 Type II, ISO 27001)

  • Serve as a subject matter expert for applicable compliance standards and be a valued partner to the business and engineering teams in the implementation of the standards

  • Gap assess new in-scope tools and new hosting regions/environments against existing controls and processes

  • Help drive and improve Annual Operational Activities (i.e. Quarterly Privileged User Access Reviews)

  • Implement and mature controls that scale and do not burden teams

  • Refine Figma’s Common Control Framework through control rationalization efforts

  • Configure compliance automation tooling to help achieve continuous monitoring and automated evidence collection for external audits

  • Communicate progress, escalations, and issue resolution to management and team stakeholders

  • Align changes made to existing controls and processes to the Information Security and Data Privacy Policies



We'd love to hear from you if you have:



  • 2+ years of security compliance or IT compliance experience

  • Experience working with various security compliance frameworks (i.e. ISO 27001, SOC 2, NIST)

  • Familiarity with cloud computing/architecture (i.e. AWS)

  • Experience conducting compliance gap assessments and working cross-functionally to remediate any identified issues

  • Experience leading or supporting external audits

  • Experience planning, coordinating, and prioritizing multiple sophisticated projects to completion

  • Experience with control rationalization and drafting control narratives

  • Experience establishing work relationships across multi-disciplinary teams (i.e. Security, Engineering, Legal, IT, HR, etc.)




At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.






Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided

 

  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Useful Links

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765

requests@ninjajobs.org
www.ninjajobs.org
Chat with us!