• Set up, configure, and maintain security roles, groups, and access controls to align with organizational needs and policies. • Develop, implement, and maintain security policies, procedures, and guidelines. • Maintain awareness of product roadmaps and provide input to strategy discussions by helping translate how Workday can support strategic functional objectives. • Manage authentication policies to define user login methods, including SSO, MFA, IP restrictions, and step‑up authentication, and apply security controls based on the selected login methods. • Liaison with key stakeholders to develop awareness of Workday security capabilities and constraints. • Contribute to IT architecture discussions that impact Workday or are related to security and identity management. • Work with Information Security to define incident response plans for Workday. • Troubleshoot and resolve security-related issues, such as access problems, for end-users. • Work closely with business partners, HR, Finance, IT, and other teams to translate security requirements into best practice solutions. • Create and maintain comprehensive documentation of security configurations, processes, and incident resolutions. • Troubleshoot unexpected results or process flaws and recommend solutions. • Provide internal client support, troubleshooting data access, and system issues, recommending solutions, and implementing enhancements and fixes. • Provides program management assistance on various HR and Finance initiatives, including the rollout and implementation of new and existing programs. • Ensure data integrity within Workday and assist with data audits and security role permissions cleanup. • Support internal and external audits by providing documentation and ensuring compliance with access. • Actively participate in the Workday Community to ensure awareness of current trends and innovation. • Monitor system activity for security incidents, suspicious activities, and vulnerabilities. • Respond to and investigate security incidents, coordinating with Information Security and other relevant departments to mitigate and resolve issues promptly. • Document security incidents, resolutions, and lessons learned to improve future response strategies. • Understands and communicates expectations to all members of the project team. • Establishes positive, professional relationship with staff. • Establishes proper communication channels with project and team personnel and responds appropriately to all concerns. • Ensuring that WVU meets its goals and deadlines for large IT projects and initiatives.

Role Description We’re looking for an expert Technical Program Manager (TPM) to support our Security Operations team. In this role, you’ll partner with our Business and Technology teams to lead cross-functional programs that are critical to how we manage risk and secure our organization. You’ll ensure alignment across teams, deliver on commitments, develop solutions, and clear roadblocks so we can move forward together. Beyond execution, you’ll roll up your sleeves to shape how teams work together—championing security practices, strengthening operations, and solving tough problems with scalable, repeatable practices. This is a full time role that can be held from one of our US hubs or remotely in the United States. What you’ll do at Figma: - Own end-to-end program execution for security, compliance, and infrastructure initiatives—managing dependencies, milestones, risks, and reporting at a portfolio level. - Lead highly cross-functional programs, using strong project management skills to deliver complex initiatives in a collaborative and transparent way. - Drive project alignment by handling dependencies, guiding technical discussions, facilitating decision making, and ensuring the right conversations happen at the right time. - Influence outcomes by building trusted, strong partnerships across the organization. - Champion effective ways of working—finding the right balance of tools, structure & practices while continuously improving how we collaborate and deliver on our commitments. Qualifications - 5+ years of program or project management experience in a cloud or SaaS environment supporting enterprise technology or security teams. - Strong understanding of information security principles and controls, including data protection, access management, and application security. - Ability to dive into technical details and apply that knowledge to drive alignment and solve complex challenges. - Experience communicating complex security risks and tradeoffs to both technical and non-technical audiences. - Proficiency with project management and collaboration tools (e.g., Asana, Google Workspace, Slack, Zoom, Notion, Figma) and the judgment to apply them effectively based on team needs. Requirements - While not required, it’s an added plus if you also have: - PMP & Scrum Certifications. - Prior experience with identity and access management systems and practices, vendor security and technology governance processes, risk assessments, security investigations, detection and response operations, and incident response. - Familiarity with security frameworks and standards such as ISO 27001, NIST, and SOC 2, and experience with ITGC frameworks. - Familiarity with AI/ML risk considerations or AI risk frameworks (NIST AI RMF, OECD, ISO 42001). - Experience with using AI tools (e.g Claude Code, Claude Cowork, Open AI Codex, etc) to automate and scale manual processes and decision-making workflows. Benefits - Figma offers equity to employees, as well a competitive package of additional benefits, including: - Health, dental & vision. - Retirement with company contribution. - Parental leave & reproductive or family planning support. - Mental health & wellness benefits. - Generous PTO. - Company recharge days. - A learning & development stipend. - A work from home stipend. - Cell phone reimbursement. - Sales incentive pay for most sales roles and an annual bonus plan for eligible non-sales roles. Pay Transparency Disclosure If based in Figma’s San Francisco or New York hub offices, this role has the annual base salary range stated below. Job level and actual compensation will be decided based on factors including, but not limited to, individual qualifications objectively assessed during the interview process (including skills and prior relevant experience, potential impact, and scope of role), market demands, and specific work location. The listed range is a guideline, and the range for this role may be modified. For roles that are available to be filled remotely, the pay range is localized according to employee work location by a factor of between 80% and 100% of range. Please discuss your specific work location with your recruiter for more information. Annual Base Salary Range: $140,000 — $245,000 USD Equal Opportunity Statement At Figma we celebrate and support our differences. We know employing a team rich in diverse thoughts, experiences, and opinions allows our employees, our product and our community to flourish. Figma is an equal opportunity workplace - we are dedicated to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity/expression, veteran status, or any other characteristic protected by law.

• Assist in the development, implementation, and maintenance of GRC frameworks and managing third-party risk. • Contribute to the assessment and mitigation of organizational risks. • Maintain internal policies, standards and security baselines, oriented toward compliance and regulatory standards - as well as, enforcement of secure practices. • Manage risk acceptance and policy exception processes, ingesting risks and creating tracking, reporting and accountability mechanisms. • Participate in audits of security controls and processes. • Assist with the creation and maintenance of documentation related to GRC activities, TPRM, Business Continuity Planning (BCP), Business Impact Analysis (BIA) and Disaster Recovery. • Assist in the identification of control gaps. • Contribute to the development of remediation plans. • Conduct due diligence on potential third-party vendors to evaluate their security posture, financial stability, and compliance with relevant regulations. • Assist in monitoring compliance activities. • Collaborate with various departments to integrate TPRM into vendor management processes. • Perform vendor and product risk assessments, to align vendors and products with applicable standards, policies and security baselines. • Create and maintain vendor questionnaire and Data Protection Agreements (DPA). • Vendor Responsibility Agreement, covering performance standards, security obligations, adherence to the Change Management process, training, communications, and documentation. • Assist Legal with vendor reviews and responses. • Conduct audits of third-party security controls, processes and vendor performance compliance and address and risks that arise. • Aid in the development of risk training and awareness programs. • Maintain GRC monitoring applications. • Performs other related job duties, as assigned.

Role Description The IT/ICT/Building Security Systems Designer will provide a wide range of consulting and design services related to information technologies, structured cabling, and building security. Projects primarily involve design of IT/ICT/Security systems and infrastructure for new buildings or major renovations to existing buildings. This role involves working on multiple concurrent projects, ensuring efficiency, accuracy, and top-quality work for our clients. This is a Work From Home position, and we are open to major markets beyond those listed. Responsibilities - Serve as a key contributor within a project design team, bringing a forward-thinking perspective on technology. - Design customized IT solutions, including: - Entrance Facilities - Telecomm Rooms - Pathways and other infrastructure - Wired/wireless and copper/fiber Structured Cabling Systems to support voice/data/video applications - Outside Plant - Distributed Antenna Systems - Data Center technologies - Other leading-edge IT solutions - Design customized Building Security solutions, including: - Video surveillance systems - Access control - Intrusion detection - Emergency telephones - Other innovative security technologies - Advise clients on Crime Prevention Through Environmental Design (CPTED). - Assist with business development activities as requested. - Develop and direct the documentation of high-quality infrastructure construction drawings, details, cost analysis, and specifications, often using AutoCAD, Revit, or PDF mark-ups with BlueBeam, and directing CAD staff to document the project in Revit. - Collaborate with MEP and architectural team members, guiding clients through the technology selection process. - Review submittals and shop drawings, coordinating with architects, contractors, engineers, and consultants. - Perform site walk-throughs to ensure adherence to standards and procedures. - Stay abreast of emerging technologies, products/services, guidelines, and standards, and their applicability to potential projects. - Ensure all work is completed on time, within budget, and consistently meets NV5’s high standards of quality. Qualifications - Minimum of five years of consulting experience in the design and specification of telecommunications systems, IT spaces, security systems, and cable plant projects for new buildings or major renovations to existing buildings. - In-depth knowledge of services, hardware, infrastructure, and systems architecture for IT. - CPTED experience is desired but not required. - Excellent attention to detail and outstanding communication skills, both oral and written. - Ability to meet deadlines and honor commitments. - Values that include integrity, accountability, and a desire to have fun while delivering Best-in-Class services to clients. - Works well as an individual contributor or as a collaborative team member. - Maintains a professional and positive attitude in a fast-paced and occasionally high-pressure environment. - High proficiency in BlueBeam and Microsoft Office. - General proficiency in AutoCAD and Revit. - BICSI Certification (active RCDD or test-ready; ITS Installer-1, or ITS Installer-2; additional certifications including OSP, WD); or ASIS certification is desired but not required. - Bachelor’s degree in a technical field is desired; equivalent industry experience will be considered. - Pluses: PE or additional industry certifications; experience with design of network electronic systems design; project experience within higher education or healthcare; strategic technology master planning; experience in business development for professional services. Requirements - All candidates must be driven to satisfy the needs of end users and have the ability to deliver high caliber results in a timely manner while operating without direct supervision. - Some overnight travel may be required. - On occasion, it may be necessary to participate in off-hours acoustic testing, as needed to support our design services. Benefits - NV5 offers a competitive compensation and benefits package including medical, dental, life insurance, PTO, 401(k) and professional development/advancement opportunities.