Security Engineer

About The Position

Requirements

• 5+ years of proven engineering experience working in either a Security Engineering or a Software Engineering role. In the case of the latter, some security experience is preferred.
• Strong security judgment in threat modeling and risk prioritization and/or strong technical judgment in designing and building maintainable, scalable systems.
• Proficiency in at least one general-purpose coding language.
• Strong communication and interpersonal skills, with demonstrated experience collaborating across functions.

Nice To Haves

• Subject matter expertise in Application Security, Cloud Security, Corporate Security, Data Access Governance, and/or IAM (Identity and Access Management).
• Demonstrated ability to make hard prioritization decisions in security controls.

Responsibilities

• Identify and drive impactful projects to improve the security of Figma’s product, platform, and IT systems.
• Partner closely with teams across the company and focus on systemic security improvements and risk reduction.
• Participate in operational security responsibilities like security reviews, consulting, vulnerability triage, and security incident response.
• Perform technical security assessments, code audits, and design reviews for new AI infrastructure, platforms, and products.
• Design and develop technical solutions to secure AI models, tooling, debugging workflows, and data pipelines.
• Advocate for secure practices across Figma’s AI infrastructure, platforms, and data systems.
• Build the next generation of internal AI-powered access insights and security tooling.
• Help run penetration testing and offensive security exercises against Figma’s AI infrastructure, platforms, and products.
• Perform technical security assessments, code audits, and design reviews for changes to Figma’s cloud and corporate infrastructure.
• Design and develop solutions to prevent or mitigate cloud and corporate security risks.
• Advocate for secure practices within Figma’s cloud and corporate infrastructure.
• Build platforms and tooling to detect and respond to infrastructure and corporate security threats.
• Perform technical security assessments, code audits, and design reviews for new product features.
• Design and develop solutions to prevent or mitigate product security vulnerabilities.
• Advocate for secure development practices across Figma’s products and services.
• Help run penetration testing, offensive security exercises, and support our bug bounty program.
• Help respond to product security incidents.
• Design and build technical systems to prevent spam, fraud, and abuse.
• Partner closely with product teams to identify and address potential abuse vectors.
• Develop new signals and improve the use of existing signals to detect abusive behavior.
• Help respond to spam, fraud, and abuse incidents.

Benefits

• Figma offers equity to employees, as well a competitive package of additional benefits, including health, dental & vision, retirement with company contribution, parental leave & reproductive or family planning support, mental health & wellness benefits, generous PTO, company recharge days, a learning & development stipend, a work from home stipend, and cell phone reimbursement.
• Figma also offers sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles.