Compliance Manager

Summary

Join Figma's growing team and become our Compliance Manager, responsible for implementing and ensuring the effectiveness of IT General Controls (ITGCs) for SaaS applications. You will be the main point of contact between IT, engineering, and auditors, leading audit activities and remediating gaps. This full-time role can be based in our SF or NY hub or remotely. You will lead the design, implementation, and monitoring of ITGC frameworks, develop and maintain related policies and procedures, and partner with audit teams. The role also involves working with stakeholders to address risks and enhance system security, conducting risk assessments, and providing training. Figma offers a competitive compensation and benefits package.

Requirements

• 5+ years of audit/assessment experience with SOX
• In-depth knowledge of ITGC frameworks, including access management, change management, and operations
• Strong understanding of cloud-based applications and corporate IT infrastructures
• Proven project management and organizational skills with the ability to manage multiple priorities
• Effective communication skills, with the ability to convey complex concepts to technical and non-technical audiences

Responsibilities

• Lead the design, implementation, and monitoring of ITGC frameworks for non-corporate systems, including access controls, change management, data integrity, and IT operations
• Develop and maintain ITGC policies, procedures, and documentation to support the organization's control environment
• Partner with internal and external audit teams to support ITGC testing and resolve findings efficiently
• Work closely with system owners, IT teams, and business stakeholders to address risks, implement controls, and enhance system security
• Provide relevant awareness training to control owners
• Conduct regular risk assessments of corporate systems to identify potential control gaps and recommend remediation strategies

Preferred Qualifications

• Experience with audit tools, GRC platforms, and automation technologies
• Ability to work efficiently and independently in a fast-paced, high-volume environment
• CISA, CRISC, or CISSP certification

Benefits

• Health, dental & vision
• Retirement with company contribution
• Parental leave & reproductive or family planning support
• Mental health & wellness benefits
• Generous PTO
• Company recharge days
• A learning & development stipend
• A work from home stipend
• Cell phone reimbursement
• Sales incentive pay for most sales roles
• An annual bonus plan for eligible non-sales roles
• Equity