[Remote] Security Engineer

Note: The job is a remote job and is open to candidates in USA. Figma is a company on a mission to make design accessible to all, and they are seeking a Security Engineer to enhance the security of their product, platform, and IT systems. The role involves collaborating with various teams to implement security improvements, conduct assessments, and respond to incidents across multiple domains including AI, platform, product security, and anti-abuse.

Responsibilities

• Perform technical security assessments, code audits, and design reviews for new AI infrastructure, platforms, and products
• Design and develop technical solutions to secure AI models, tooling, debugging workflows, and data pipelines
• Advocate for secure practices across Figma’s AI infrastructure, platforms, and data systems
• Build the next generation of internal AI-powered access insights and security tooling
• Help run penetration testing and offensive security exercises against Figma’s AI infrastructure, platforms, and products
• Perform technical security assessments, code audits, and design reviews for changes to Figma’s cloud and corporate infrastructure
• Design and develop solutions to prevent or mitigate cloud and corporate security risks
• Advocate for secure practices within Figma’s cloud and corporate infrastructure
• Build platforms and tooling to detect and respond to infrastructure and corporate security threats
• Perform technical security assessments, code audits, and design reviews for new product features
• Design and develop solutions to prevent or mitigate product security vulnerabilities
• Advocate for secure development practices across Figma’s products and services
• Help run penetration testing, offensive security exercises, and support our bug bounty program
• Help respond to product security incidents
• Design and build technical systems to prevent spam, fraud, and abuse
• Partner closely with product teams to identify and address potential abuse vectors
• Develop new signals and improve the use of existing signals to detect abusive behavior
• Help respond to spam, fraud, and abuse incidents

Skills

• 5+ years of proven engineering experience working in either a Security Engineering or a Software Engineering role. In the case of the latter, some security experience is preferred
• Strong security judgment in threat modeling and risk prioritization and/or strong technical judgment in designing and building maintainable, scalable systems
• Proficiency in at least one general-purpose coding language
• Strong communication and interpersonal skills, with demonstrated experience collaborating across functions
• Subject matter expertise in Application Security, Cloud Security, Corporate Security, Data Access Governance, and/or IAM (Identity and Access Management)
• Demonstrated ability to make hard prioritization decisions in security controls

Benefits

• Equity to employees
• Health, dental & vision
• Retirement with company contribution
• Parental leave & reproductive or family planning support
• Mental health & wellness benefits
• Generous PTO
• Company recharge days
• A learning & development stipend
• A work from home stipend
• Cell phone reimbursement
• Sales incentive pay for most sales roles
• An annual bonus plan for eligible non-sales roles

Company Overview

Company H1B Sponsorship