Job Overview
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.
Job Description
About Figma
Figma is building a team of passionate creatives and builders dedicated to making design accessible to all. Our platform helps teams bring ideas to life, from brainstorming and prototyping to translating designs into code and iterating with AI. Figma empowers teams to streamline workflows, accelerate development, and collaborate in real-time from anywhere. If you're eager to shape the future of design and collaboration, we invite you to join us.
The Role: Security Engineer
As a Security Engineer at Figma, you will identify and lead impactful projects aimed at enhancing the security of Figma’s product, platform, and IT systems. We are actively hiring across multiple specialized teams within Security Engineering, including AI Security, Platform Security, Product Security, and Anti-Abuse.
You will collaborate closely with various teams across the company, focusing on systemic security improvements and significant risk reduction. Your responsibilities will also include operational security tasks such as security reviews, expert consulting, vulnerability triage, and rapid security incident response.
Examples of Your Work Across Teams:
- AI Security: Perform technical security assessments, conduct code audits, and lead design reviews for new AI infrastructure, platforms, and products. Design and develop technical solutions to secure AI models, tooling, debugging workflows, and data pipelines. Advocate for secure practices across Figma’s AI infrastructure, platforms, and data systems. Build the next generation of internal AI-powered access insights and security tooling. Help run penetration testing and offensive security exercises against Figma’s AI infrastructure, platforms, and products.
- Platform Security: Conduct technical security assessments, code audits, and design reviews for changes to Figma’s cloud and corporate infrastructure. Design and develop solutions to prevent or mitigate cloud and corporate security risks. Advocate for secure practices within Figma’s cloud and corporate infrastructure. Build platforms and tooling to detect and respond to infrastructure and corporate security threats.
- Product Security: Execute technical security assessments, code audits, and design reviews for new product features. Design and develop solutions to prevent or mitigate product security vulnerabilities. Advocate for secure development practices across Figma’s products and services. Help run penetration testing, offensive security exercises, and support our bug bounty program. Assist in responding to product security incidents.
- Anti-Abuse: Design and build technical systems to prevent spam, fraud, and abuse. Partner closely with product teams to identify and address potential abuse vectors. Develop new signals and enhance existing ones to detect abusive behavior. Help respond to spam, fraud, and abuse incidents.
What We're Looking For:
- 5+ years of proven engineering experience in Security Engineering or Software Engineering, with a preference for security experience in the latter.
- Strong security judgment in threat modeling and risk prioritization, and/or strong technical judgment in designing and building maintainable, scalable systems.
- Proficiency in at least one general-purpose coding language.
- Strong communication and interpersonal skills, with demonstrated experience collaborating across functions.
Added Plus (Not Required):
- Subject matter expertise in Application Security, Cloud Security, Corporate Security, Data Access Governance, and/or IAM (Identity and Access Management).
- Demonstrated ability to make hard prioritization decisions in security controls.
Compensation & Benefits:
This is a full-time role that can be held from one of our US hubs or remotely in the United States. If based in Figma’s San Francisco or New York hub offices, the annual base salary range is $149,000—$350,000 USD. Actual compensation will vary based on qualifications, market demands, and work location. Remote roles are localized between 80% and 100% of the range. Figma also offers equity, comprehensive benefits (health, dental, vision, retirement, parental leave, mental health), generous PTO, learning & development stipends, and more.
Key skills/competency
- Security Engineering
- Threat Modeling
- Risk Prioritization
- Code Audits
- Cloud Security
- Product Security
- Incident Response
- AI Security
- Anti-Abuse Systems
- Vulnerability Management
How to Get Hired at Figma
- Research Figma's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor to understand their collaborative and design-centric environment.
- Tailor your resume: Customize your resume to highlight experience in security engineering, threat modeling, cloud security, and coding proficiency, using keywords from the Security Engineer job description.
- Showcase security impact: Prepare to discuss specific examples where you've driven systemic security improvements, reduced risks, or built scalable security systems in past roles.
- Emphasize collaboration: Be ready to illustrate your strong communication and cross-functional collaboration skills, as partnering with diverse teams is crucial for a Security Engineer at Figma.
- Highlight problem-solving: During interviews, demonstrate your ability to analyze complex security challenges and propose practical, effective solutions, aligning with Figma's innovative approach.
Frequently Asked Questions
Find answers to common questions about this job opportunity
Explore similar opportunities that match your background