<p>We're seeking a proactive and detail-driven Compliance Manager to lead our compliance programs, with a core focus on building SOX ITGCs and supporting frameworks like SOC 2 and ISO 27001. This position includes the opportunity to lead and grow a team, helping drive the evolution and scale of our compliance program.</p> <p>This is a full time role that can be held from our San Francisco, Seattle, or New York hub.</p> <p>What you'll do at Figma:</p> <ul> <li>Lead the design, implementation, and monitoring of ITGC frameworks for non-corporate systems, including access controls, change management, data integrity, and IT operations </li><li>Develop and maintain ITGC policies, procedures, and documentation to support the organization's control environment </li><li>Partner with internal and external audit teams to support ITGC testing and resolve findings efficiently </li><li>Manage and maintain existing security compliance certifications and frameworks (e.g., SOC 2, ISO 27001), and support onboarding of new ones as needed </li><li>Collaborate with cross-functional teams to collect and organize control evidence for external audits, ensuring timely submission and reporting </li><li>Act as a liaison between internal teams and external auditors to facilitate a smooth, efficient, and well-coordinated audit process </li><li>Continuously improve the audit process through automation, enhanced workflows, and rationalization of controls to increase efficiency year over year </li></ul> <p>We'd love to hear from you if you have:</p> <ul> <li>7+ years of experience in information security, compliance, or risk management </li><li>Ability to work efficiently and independently in a fast-paced, high-volume environment </li><li>Deep knowledge of security frameworks and standards (e.g., ISO 27001, NIST, SOC 2) </li><li>Experience managing audits, compliance programs, and regulatory assessments </li><li>Strong understanding of cloud-based applications and corporate IT infrastructures </li><li>Solid project management and organizational skills with the ability to manage multiple priorities </li><li>Effective communication skills, with the ability to convey complex concepts to technical and non-technical audiences </li></ul> <p>While not required, it's an added plus if you also have:</p> <ul> <li>Prior team leadership or mentoring experience is a plus </li><li>Experience with audit tools, GRC platforms, and automation technologies </li><li>CISA, CRISC, and CISSP </li></ul> <p>At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you're excited about this role but your past experience doesn't align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.</p>