[Remote] Security Engineer
Note: The job is a remote job and is open to candidates in USA. Figma is a company on a mission to make design accessible to all, and they are seeking a Security Engineer to enhance the security of their product, platform, and IT systems. The role involves collaborating with various teams to implement security improvements, conduct assessments, and respond to incidents across multiple domains including AI, platform, product security, and anti-abuse.ResponsibilitiesPerform technical security assessments, code audits, and design reviews for new AI infrastructure, platforms, and productsDesign and develop technical solutions to secure AI models, tooling, debugging workflows, and data pipelinesAdvocate for secure practices across Figma’s AI infrastructure, platforms, and data systemsBuild the next generation of internal AI-powered access insights and security toolingHelp run penetration testing and offensive security exercises against Figma’s AI infrastructure, platforms, and productsPerform technical security assessments, code audits, and design reviews for changes to Figma’s cloud and corporate infrastructureDesign and develop solutions to prevent or mitigate cloud and corporate security risksAdvocate for secure practices within Figma’s cloud and corporate infrastructureBuild platforms and tooling to detect and respond to infrastructure and corporate security threatsPerform technical security assessments, code audits, and design reviews for new product featuresDesign and develop solutions to prevent or mitigate product security vulnerabilitiesAdvocate for secure development practices across Figma’s products and servicesHelp run penetration testing, offensive security exercises, and support our bug bounty programHelp respond to product security incidentsDesign and build technical systems to prevent spam, fraud, and abusePartner closely with product teams to identify and address potential abuse vectorsDevelop new signals and improve the use of existing signals to detect abusive behaviorHelp respond to spam, fraud, and abuse incidentsSkills5+ years of proven engineering experience working in either a Security Engineering or a Software Engineering role. In the case of the latter, some security experience is preferredStrong security judgment in threat modeling and risk prioritization and/or strong technical judgment in designing and building maintainable, scalable systemsProficiency in at least one general-purpose coding languageStrong communication and interpersonal skills, with demonstrated experience collaborating across functionsSubject matter expertise in Application Security, Cloud Security, Corporate Security, Data Access Governance, and/or IAM (Identity and Access Management)Demonstrated ability to make hard prioritization decisions in security controlsBenefitsEquity to employeesHealth, dental & visionRetirement with company contributionParental leave & reproductive or family planning supportMental health & wellness benefitsGenerous PTOCompany recharge daysA learning & development stipendA work from home stipendCell phone reimbursementSales incentive pay for most sales rolesAn annual bonus plan for eligible non-sales rolesCompany OverviewFigma is a collaborative design tool that enables teams to create, prototype, and test digital products on one platform. It was founded in 2012, and is headquartered in San Francisco, California, USA, with a workforce of 1001-5000 employees. Its website is https://www.figma.com.Company H1B SponsorshipFigma has a track record of offering H1B sponsorships, with 12 in 2026, 47 in 2025, 27 in 2024, 32 in 2023, 35 in 2022, 16 in 2021, 6 in 2020. Please note that this does not guarantee sponsorship for this specific role.