Compliance Manager, Customer Trust & Third Party Risk

The Compliance Manager will be responsible for leading third-party vendor reviews and advancing customer trust initiatives. The role is divided equally between performing vendor assessments and collaborating with internal stakeholders to ensure clear communication of our security posture and timely resolution of customer security and compliance inquiries.

This is a full time role that can be held from our SF, Seattle, or NY hub.

What you'll do at Figma:

• Conduct and maintain third-party vendor security assessments, monitor ongoing vendor risk, and track remediation efforts to ensure alignment with internal policies and standards
• Partner with Procurement, Legal, Contracts, and Security teams to embed appropriate risk and compliance controls into vendor agreements and support negotiations or escalations
• Develop and maintain reporting and metrics that provide leadership visibility into vendor and third-party risk posture
• Coordinate timely, accurate responses to customer security questionnaires, audits, and other trust-related inquiries by collaborating with IT, Legal, Security, Sales, and Customer Success
• Prepare, present, and maintain security documentation and reports that demonstrate the organization's security and compliance commitments
• Manage customer audits and risk assessments, proactively identifying and addressing customer-raised risks or concerns
• Create, centralize, and scale security assurance content and evidence, continuously improving processes to enhance customer trust and support sales acceleration

We'd love to hear from you if you have:

• Strong understanding of security frameworks and standards (e.g., ISO 27001, NIST, SOC 2)
• Excellent communication and interpersonal skills, with the ability to convey complex security concepts to non-technical audiences
• Experience in responding to security questionnaires and managing customer audits
• Strong organizational and project management skills
• Ability to build and maintain strong customer relationships

While not required, it's an added plus if you also have:

• Experience with audit tools, GRC platforms, and automation technologies
• Ability to work efficiently and independently in a fast-paced, high-volume environment
• CISA, CRISC, and CISSP

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you're excited about this role but your past experience doesn't align perfectly with the points outlined in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.