As a Compliance Analyst, you will be a critical part of Figma's efforts to collect evidence for audits and assessments from various stakeholders and control owners. As a member of the broader GRC (Governance, Risk, and Compliance) team, the ideal candidate will be detail-oriented, a self-starter who can work independently, and meet deadlines in a fast-paced environment. This role will report to the GRC Manager.

Figma is growing our team of passionate people on a mission to make design accessible to all. Born on the Web, Figma helps entire product teams brainstorm, create, test, and ship better designs, together. From great products to long-lasting companies, we believe that nothing great is made alone—come make with us!

Security Documentation (20%)

Attention to detail for meticulous documentation of security controls, risk assessments, and compliance measures is crucial. Accurate and comprehensive documentation ensures transparency and compliance with regulatory requirements.

Collaborate and Automate (25%)

Collaboration is key in a team environment, and the ability to work effectively with cross-functional teams is highly valuable. Automation skills also play a significant role, streamlining processes, and improving efficiency in compliance and security measures.

Continuous Monitoring (30%)

Continuous monitoring is a fundamental aspect of maintaining security postures. Regularly assessing and updating security controls and monitoring for vulnerabilities contribute significantly to maintaining compliance and addressing emerging threats.

User Management (15%)

Managing user access, privileges, and authentication processes is critical for maintaining a secure environment. Compliance often involves strict controls over user management to prevent unauthorized access and ensure data integrity.

Strategic Growth (10%)

While not as immediately tied to day-to-day tasks, the ability to contribute to strategic growth by identifying opportunities for improvement, staying updated on industry trends, and providing insights into future security requirements is valuable for the long-term success of the team.

• Maintain existing Security Compliance Certifications and Frameworks (i.e. SOC 2 Type II, ISO 27001)

   

• Serve as a subject matter expert for applicable compliance standards and be a valued partner to the business and engineering teams in the implementation of the standards

• Gap assess new in-scope tools and new hosting regions/environments against existing controls and processes

• Help drive and improve Annual Operational Activities (i.e. Quarterly Privileged User Access Reviews)

• Implement and mature controls that scale and do not burden teams

• Refine Figma’s Controls through control rationalization efforts

• Configure compliance automation tooling to help achieve continuous monitoring and automated evidence collection for external audits

• Communicate progress, escalations, and issue resolution to management and team stakeholders

• Align changes made to existing controls and processes to the Information Security and Data Privacy Policies

• 3+ years of security compliance or IT compliance experience

• Worked with multiple security compliance frameworks (i.e. ISO 27001, SOC 2, and NIST)

• Familiarity with cloud computing/architecture such as AWS

• Conducted compliance gap assessments and worked cross-functionally to remediate any identified issues

• Led or supported external audits

While it’s not required, it’s an added plus if you also have:

• Planned, coordinated, and prioritized multiple sophisticated projects to completion

• Experience with control rationalization and drafting control narratives
• Demonstrated experience establishing work relationships across multi-disciplinary teams (including Security, Engineering, Legal, IT, and HR)

• Scanned copy of valid NBI Clearance
• Accomplished Medical or PEME Slip (covered by KMC)
• 2x2 & Half body picture with white background
• Proof of government numbers (TIN, SSS, Pag-ibig, & Philhealth)
• Photocopy of 2 valid IDs – front & back (government-issued)
• Clear copy of your Birth Certificate (PSA or NSO)
• Accomplished HR Forms & Promissory Note (will be provided by KMC’s Onboarding Team

If you're a rockstar at what you do and looking to be a part of our amazing story, we want to hear from you!

We offer attractive salaries and benefits plus you get to work in some of the Philippines' best flexible workspaces. Our employees also get to enjoy exclusive discounts, rewards and freebies, and invites to our monthly events. We are always recruiting for roles in IT & Development, Marketing, Business Administration, HR & Recruitment and Legal & Finance Roles.

KMC provides quality employment opportunities for job-seekers looking for a career that is both challenging and fulfilling. We are also committed to providing equal opportunities at every selection stage. We do not discriminate due to age, gender, sexual orientation, ethnicity, nationality, and religion.

KMC Solutions offers a variety of career opportunities in Metro Manila, Cebu and Clark & Iloilo. We are always looking for talented and enthusiastic individuals who are ready to make their next big career move.

At KMC, we foster an inclusive and positive workplace for all. We push our members to succeed in everything they do through our collaborative work environment. We encourage our community to work hard and reach their full potential while delivering results that matter for our members and you as professionals.

We host amazing and quality events and implement people-centric policies to work flexibly. We ensure that everyone in our expansive network is engaged, from our internal employees and those who work on behalf our offshore partners.

At KMC, we work hard and we are committed to putting our best foot forward in everything we do. Everyone is encouraged to be an individual while also working for the collective good of the KMC Community. We believe mistakes are opportunities and that you should not present a solution without a problem.

We also know when hard work deserves to be recognized so we reward our employees with monthly parties, free trips and much much more!