Thumbtack is a local services marketplace that connects customers with the right professionals for anything they need done. Every day we rally around the impact Thumbtack has on people’s lives - from house cleaners, to yoga instructors to general contractors, we’re helping small businesses grow and thrive. Join our growing team in the quest to build THE destination for anything you need done.
About the Engineering Team
At Thumbtack, our engineering team is building the future of hiring local professionals. We are focused on building a product that makes it easy to get things done. Along the way, we are solving quite a few not-so-easy problems to more effectively manage our rapid growth. We currently use Python, Go, Scala, and PHP, and manage our infrastructure with Puppet.
About the Role
With a fast growing user base and internal staff, privacy and security are becoming a greater concern for our engineering team, and we want to harden our systems against all possible threats. From SSNs to personal details, we expect (as do our users) that data on our systems is private and secure.
We’re looking for someone to lead our security efforts. We know security is an ever-changing landscape of threats, vulnerabilities, new technologies, and best practices. We’ve done the fundamentals, but now we’re looking for someone to take our security practices to the next level across our entire platform. From vetting application logic to hardening firewalls and forming best practices with our IT teams, you will own Thumbtack’s security and privacy efforts.
- Define, maintain and enforce application security best practices -- create secure design patterns and provide training and awareness to fellow engineers
- Conduct architecture reviews and white box security testing to assess and validate application security
- Explain and demonstrate vulnerabilities to application/system owners, provide recommendations for mitigation, and design solution prototypes and/or implement security enhancements
- Investigate incidents and lead response efforts, while identifying methods to improve preparedness
- Strong web development and operations background, with a solid grasp of all aspects of things IP, TCP, HTTP, and on up
- Minimum of 4 years of industry experience in engineering
- Coding experience; C/C++, Java, Python
- A strong level of comfort with core Linux security principles
- In-depth knowledge of system and network security, including cryptography, authentication protocols, intrusion detection systems, firewalls and VPNs
- A penchant for finding bugs and security flaws in even the most well-guarded systems to minimize risk within our organization
- Hands-on experience with security tools
- Strong communication skills and willingness to proactively collaborate and effectively explain security concepts and technologies
- Ongoing excitement to learn and grow
- Experience with
- Amazon Web Services
- PostgreSQL and BigQuery
- Configuration management tools, e.g. Puppet, Terraform
More About Us
Thumbtack is a local services marketplace that connects customers who need to get things done with local, skilled professionals who can help. From plumbers and painters to DJs and personal trainers, Thumbtack helps millions of customers find the right professional for their project in 1,000 categories. Founded in 2009 and headquartered in San Francisco, Thumbtack is backed by over $250 million in investment from Sequoia Capital, CapitalG, Tiger Global Management, Javelin Investment Partners and Baillie Gifford.
- Learn more about our culture, benefits, and perks
- Learn more about engineering at Thumbtack
- Follow Thumbtack on LinkedIn
Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, sexual orientation, gender identity, religion, national origin, citizenship, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.