Technical Program Manager - Security

The mission of the Engineering TPM team is to drive Figma’s most important cross-company engineering effort and we are looking for a Technical Program Manager to partner with our Tech org on security-related initiatives. The TPM provides oversight of the most important efforts that require coordinated technical execution across the Org in order to succeed. These large-scale efforts will involve collaboration across numerous product and platform engineering teams & cross-functional stakeholders prioritization decision making tracking execution & driving operational excellence. We’re looking for someone who can work in a TPM greenspace environment and is passionate about people technology and program management. Progress over process is our mantra.

This is a full time role that can be held from one of our US hubs or remotely in the United States.

What you'll do at Figma:

As a Technical Program Manager you’ll work closely with our security product and platform engineering teams to manage the development and deployment of security initiatives. You will collaborate with cross-functional teams including engineering legal and compliance to define and execute security roadmaps.

• Enhance our Secure SDLC via proactive security reviews and requirements integrated into our software development process from project intake through post-launch tracking

• Manage the security partnership engagement process driving cross-team collaboration to reduce security debt

• Track key security metrics for ongoing programs such as bug bounty programs penetration testing & SaaS Security

• Sustain security education initiatives to empower teams across Figma to own and manage their security practices

We’d love to hear from you if you have:

• 4+ years of technical program management experience with deep expertise in security fundamentals such as secure software development vulnerability management and cloud security

• Experience driving large-scale security programs

• Practical knowledge of security engineering practices like threat modeling security design reviews secure code reviews and dependency management

• Expertise in supporting the security lifecycle including vulnerability discovery tracking security bugs and managing vendor security

• A proven ability to lead cross-functional efforts and manage competing priorities between security needs and product timelines

• A deep understanding of how to track security metrics assess security risks and implement security controls for SaaS applications

While it’s not required it’s an added plus if you also have:

• Experience in vendor security management particularly in assessing and improving SaaS security maturity

• Familiarity with security compliance programs like FedRAMP

• A bias towards action self-motivation and a passion for driving security initiatives in a fast-paced dynamic environment

At Figma one of our values is Grow as you go. We believe in hiring smart curious people who are excited to learn and develop their skills. If you’re excited about this role but your past experience doesn’t align perfectly with the points outlined in the job description we encourage you to apply anyways. You may be just the right candidate for this or other roles.