Security Engineer

About Figma

Figma is building a team of passionate creatives and builders, committed to making design accessible to everyone. Our platform empowers teams to bring ideas to life, from brainstorming and prototyping to translating designs into code and iterating with AI. Figma streamlines workflows, accelerates progress, and enables real-time collaboration from anywhere. Join us to shape the future of design and collaboration.

The Role: Security Engineer

As a Security Engineer at Figma, you will play a crucial role in identifying and driving impactful projects to enhance the security of Figma's product, platform, and IT systems. The Figma Security team's mission is to empower Figmates to deliver the most secure product to users. We are seeking security generalists with a strong foundation in Computer Science and security fundamentals. You will collaborate closely with teams across the company, focusing on systemic security improvements and risk reduction. Your expertise will also be vital in operational security responsibilities, including security reviews, consulting, external research/bug-bounty triage, incident response, and risk management.

This is a full-time role, available from one of our US hubs or remotely within the United States.

What you'll do at Figma:

• Perform technical security assessments, code audits, and design reviews.
• Develop technical solutions to help mitigate security vulnerabilities.
• Advocate for security best practices throughout Figma.
• Conduct assessments to identify current and new attack vectors against Figma products and services.
• Help run our pen-testing and offensive security exercises, as well as our bug bounty program.

We'd love to hear from you if you have:

• 5+ years of proven engineering experience working in a Security team.
• Good understanding of at least two of the following: Linux/Unix/Mac based systems security, AWS security, Cloud SaaS Security, and web application security.
• Proficient in at least one general purpose coding language.
• Demonstrated experience engineering security-based tooling and/or software.
• Strong communication and interpersonal skills, with demonstrated experience collaborating across functions.

Added Plus (not required):

• Demonstrated ability to make hard prioritization decisions in security controls.
• Experience in a software engineering role with an interest in security-related projects.

Grow as you go:

At Figma, we value growth and believe in hiring smart, curious individuals eager to learn and develop. If your experience doesn't perfectly align but you're excited about this Security Engineer role, we encourage you to apply. You might be the perfect candidate for this or other opportunities.

Pay Transparency Disclosure:

For roles based in Figma’s San Francisco or New York hub offices, the annual base salary range is $149,000—$350,000 USD. Actual compensation depends on qualifications, market demands, and work location. Remote pay is localized (80-100% of range). Figma offers equity, competitive benefits including health, dental, vision, retirement, parental leave, mental health, generous PTO, learning & development, WFH stipend, and cell phone reimbursement. An annual bonus plan is also available for eligible non-sales roles. Benefits and compensation are subject to change.

Key skills/competency:

• Security Engineering
• Vulnerability Management
• Cloud Security (AWS)
• Web Application Security
• Incident Response
• Offensive Security
• Code Auditing
• Linux/Unix Security
• Risk Management
• Programming (General Purpose)