Please contact your Administrator to change your authorization settings.
Figma is growing our team of passionate people on a mission to make design accessible to all. Born on the Web, Figma helps entire product teams brainstorm, design and build better products - from start to finish. Whether it's consolidating tools, simplifying workflows, or collaborating across teams and time zones, Figma makes the design process faster, more efficient, and fun while keeping everyone on the same page. From great products to long-lasting companies, we believe that nothing great is made alone-comemake with us!
As the Federal Compliance Manager, you will collaborate with internal stakeholders and product engineering teams to document and implement control requirements, ensuring adherence to Figma's FedRAMP cloud security standards. Responsibilities include supporting the analysis and remediation of security control implementation review, penetration testing, and vulnerability scan results as well as contributing to Plans of Action and Milestones (POAM) reporting for authorizing agencies. Additionally, you will actively engage with security professionals on cross-department initiatives, participating in projects aimed at fortifying the company's overall security posture.
What you'll do at Figma:- Engage with cross-functional collaborators across legal, sales, product/enterprise teams, 3PAO, sponsoring agency, and FedRAMP PMO.
- Analyze information from disparate teams to tackle complex issues, manage risks, and resolve problems.
- Assist in analyzing and preparing for both internal and external audits.
- Recognize, address, communicate, or escalate technical and program risks effectively.
- Collaborate on developing automated capabilities for evidence collection, control validation, and process execution.
- Maintain technical documentation (e.g., System Security Plan or SSP) with expertise in security controls, audits, technical architecture, operational processes, and security protocols.
- Provide strategic insights to internal teams about implementing FedRAMP and other security frameworks, emphasizing their impact on product updates or organizational processes.
- Identify and communicate specific security and configuration requirements to cloud, application, and enterprise teams.
- 5+ years of hands-on experience in IT auditing and/or compliance
- Recent hands-on concentration of work with FedRAMP Framework
- Previous experience leading a Cloud Service Provider through a FedRAMP ATO process
- SaaS-based audit and compliance experience
- Experience working with technologies hosted via cloud computing environments (e.g., AWS)
- Understanding of security domains, including application security, infrastructure and cloud security, incident response, and security compliance and certifications
- Hands-on experience with cloud computing technologies
- Established connections in the FedRAMP industry and with various government agencies
- Familiarity with other international regulatory compliance
Pay Transparency Disclosure
If based in Figma's San Francisco or New York hub offices, this role has the annual base salary range stated below.
Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information.
Figma offers equity to employees, as well a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement. Figma also offers sales incentive pay for most sales roles. Figma's compensation and benefits are subject to change and may be modified in the future. You may view our Pay Transparency Policy by clicking on the corresponding link.
At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status, or any other characteristic protected by law. We also consider qualified applicants regardless of criminal histories, consistent with legal requirements.
We will work to ensure individuals with disabilities are provided reasonable accommodation to apply for a role, participate in the interview process, perform essential job functions, and receive other benefits and privileges of employment. If you require accommodation, please reach out to accommodations-ext@figma.com. These modifications enable an individual with a disability to have an equal opportunity not only to get a job, but successfully perform their job tasks to the same extent as people without disabilities.
Examples of accommodations include but are not limited to:
- Holding interviews in an accessible location
- Enabling closed captioning on video conferencing
- Ensuring all written communication be compatible with screen readers
- Changing the mode or format of interviews
By applying for this job, the candidate acknowledges and agrees that any personal data contained in their application or supporting materials will be processed in accordance with the applicable candidate section of Figma's Privacy Policy.