Security Compliance Analyst
As a Security Compliance Analyst at Figma, you will help the Manager, Security Compliance coordinate and manage the audit certification lifecycles for current and future compliance initiatives. You will drive our certification roadmaps based on customer requirements while ensuring committed assessments are delivered on schedule. This is a great opportunity to drive efficiencies, reduce process friction, and strategically scale our compliance programs to support a hypergrowth company.
What you’ll do at Figma:
Maintain existing Security Compliance Certifications and Frameworks (i.e. SOC 2 Type II, ISO 27001)
Serve as a subject matter authority for applicable compliance standards and be a valued partner to the business and engineering teams in the implementation of the standards
Gap assess new in-scope tools and new hosting regions/environments against existing controls and processes
Help drive and improve Annual Operational Activities (i.e. Quarterly Privileged User Access Reviews)
Implement and mature controls that scale and do not burden teams
Refine Figma’s Common Control Framework through control rationalization efforts
Configure compliance automation tooling to help achieve continuous monitoring and automated evidence collection for external audits
Communicate progress, customer concerns, and issue resolution to management and team stakeholders.
Align changes made to existing controls and processes to the Information Security and Data Privacy Policies
We'd love to hear from you if you have:
2+ years of security compliance or IT compliance experience
Worked with various security compliance frameworks (including ISO 27001, SOC 2, and NIST)
Familiarity with cloud computing/architecture such as AWS
Conducted compliance gap assessments and worked cross-functionally to remediate any identified issues
Led or supported external audits
While not required, it’s an added plus if you also have:
Planned, coordinated, and prioritized multiple sophisticated projects to completion
Experience with control rationalization and drafting control narratives
Demonstrated experience establishing work relationships across multi-disciplinary teams (including Security, Engineering, Legal, IT, and HR)
At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.