Director, Security Operations & Information Security

The role of Director, Security Operations & Information Security is a new and critical addition to our organization. This leader will be responsible for driving our enterprise-wide security strategy and ensuring operational excellence across our systems, from GTM and Finance platforms to IT, Compliance, and Risk.

Our broader Information Security function is expanding its scope to align more deeply with business priorities. This includes building scalable frameworks for threat management, compliance, and governance, and ensuring that every team - from Sales to Engineering - has the tools and guidance needed to operate securely and confidently.

We're looking for a proven security leader who has built and scaled SecOps and InfoSec programs, partnered effectively with senior leaders across the business, and can ensure that we continue to deliver resilience, trust, and protection for Figma and our customers.

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you'll do at Figma:

• Lead and scale the Information Security and Enterprise Security functions, including Security Operations, Third-Party Risk Management, Incident Response, Threat Detection, Vulnerability Management, and GRC
• Define and drive the security strategy and roadmap, balancing innovation and risk in close partnership with Engineering and Product leadership
• Collaborate cross-functionally to ensure comprehensive security governance across the organization
• Develop and uphold security incident response plans, tabletop exercises, and post-mortem processes throughout the organization
• Establish metrics and KPIs to monitor the effectiveness of security programs and continuously improve them
• Build and manage an impactful team, hiring world-class talent and fostering a culture of collaboration and accountability
• Serve as a trusted advisor to the leadership team and board members on security risks, trends, and incidents
• Lead vendor and third-party risk, including security evaluations and contract reviews

We'd love to hear from you if you have:

• 10+ years of experience in information security, with 5+ years in a senior leadership role overseeing security operations or infosec
• Strong background in building and scaling security programs in SaaS/cloud-native environments
• Deep knowledge of modern threat landscapes, detection and response strategies, and vulnerability management practices
• Understanding of compliance and regulatory frameworks relevant to enterprise SaaS (SOC 2, ISO, FedRAMP, etc.)
• Experience engaging with auditors, regulators, and customer security teams

At Figma, one of our values is Grow as you go. We believe in hiring smart, curious people who are excited to learn and develop their skills. If you're excited about this role but your past experience doesn't align perfectly with the points outlined in the job description, we encourage you to apply anyways. You may be just the right candidate for this or other roles.