Have you ever tried to hire a plumber? How about a house cleaner? If you have, chances are it took you way longer than it should. In the era of instant-everything, it’s crazy that you still have to waste an entire afternoon researching, calling and vetting local service professionals whenever you need one. The market for hiring them is huge — $700B in the US alone — but the process is inefficient and largely offline.

Thumbtack is transforming this experience end-to-end, building a marketplace that matches millions of people with local pros for almost any project. In making these connections, not only do our customers get more done every day, our pros are able to grow their businesses and make a living doing what they’re great at.

About the Engineering Team

At Thumbtack, engineers at every level directly impact improvements across the product, including project scoping, matching, scheduling, messaging and payments. Building an outstanding experience for each of these user flows is made more complex by the sheer scale of our approach: Thumbtack simultaneously operates in nearly 1,000 categories, in every county in the US. Our new Instant Match tool has allowed us to truly revolutionize the experience of hiring local pros, while increasing supply to meet the robust customer demand we’ve spent years growing.

About the Role

With a fast growing user base and internal staff, privacy and security are becoming a greater concern for our engineering team, and we want to harden our systems against all possible threats. From SSNs to personal details, we expect (as do our users) that data on our systems is private and secure.

We’re looking for someone to lead our security efforts. We know security is an ever­-changing landscape of threats, vulnerabilities, new technologies, and best practices. We’ve done the fundamentals, but now we’re looking for someone to take our security practices to the next level across our entire platform. From vetting application logic to hardening firewalls and forming best practices with our IT teams, you will own Thumbtack’s security and privacy efforts.


  • Define, maintain and enforce application security best practices -- create secure design patterns and provide training and awareness to fellow engineers
  • Conduct architecture reviews and white box security testing to assess and validate application security
  • Explain and demonstrate vulnerabilities to application/system owners, provide recommendations for mitigation, and design solution prototypes and/or implement security enhancements
  • Investigate incidents and lead response efforts, while identifying methods to improve preparedness

Must-Have Qualifications

  • Strong web development and operations background, with a solid grasp of all aspects of things IP, TCP, HTTP, and on up
  • Minimum of 4 years of industry experience in engineering
  • Coding experience; C/C++, Java, Python
  • A strong level of comfort with core Linux security principles
  • In-depth knowledge of system and network security, including cryptography, authentication protocols, intrusion detection systems, firewalls and VPNs
  • A penchant for finding bugs and security flaws in even the most well-guarded systems to minimize risk within our organization
  • Hands-on experience with security tools
  • Strong communication skills and willingness to proactively collaborate and effectively explain security concepts and technologies
  • Ongoing excitement to learn and grow

Nice-to-Have Qualifications

  • Experience with
    • Amazon Web Services
    • PostgreSQL and BigQuery
    • Configuration management tools, e.g. Puppet, Terraform

If you don't think you meet all of the criteria above but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.

More About Us

Thumbtack is a local services marketplace that connects customers who need to get things done with local, skilled professionals who can help. From plumbers and painters to DJs and personal trainers, Thumbtack helps millions of customers find the right professional for their project in 1,000 categories. Founded in 2009 and headquartered in San Francisco, Thumbtack is backed by over $250 million in investment from Sequoia Capital, CapitalG, Tiger Global Management, Javelin Investment Partners and Baillie Gifford.

Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, sexual orientation, gender identity, religion, national origin, citizenship, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

Apply for this Job

* Required

File   X
File   X