Sorry. This page is not yet translated.

Thumbtack finds local professionals for almost anything.

Security Engineer
San Francisco, CA, US
Job Description / Skills Required

Thumbtack’s dynamic marketplace is helping millions of people accomplish important, personal projects in their lives. With a fast growing userbase, as well a burgeoning internal staff, privacy and security are becoming a greater concern for our engineering team, and we want to harden our systems against all possible threats. From credit cards and SSNs to intimate personal details, we expect (as do our users) that data on our systems is private and secure.

We’re looking for someone to lead our security efforts. We know security is an ever-changing landscape of threats, vulnerabilities, new technologies, and best practices. We’ve done the basics (protecting against the likes of Bobby Tables, for example) but now we’re looking for someone to take our security practices to the next level across our entire platform. From vetting application logic to hardening firewalls and forming best practices with our IT teams, we expect you to own Thumbtack’s security and privacy efforts.

Thumbtack currently has offices in San Francisco and Salt Lake City, with a large team of remote contractors based in the Philippines. To more effectively manage our rapid growth, we're currently moving services from dedicated Linux machines to AWS. We currently use Python, Go, and PHP, and manage our infrastructure with Puppet


Perform security and privacy risk assessments on infrastructure components

Design, evaluate tradeoffs, and implement security enhancements

Investigate incidents and lead response efforts, while identifying methods to improve preparedness

Maintain engineering and security documentation; provide training and awareness to fellow engineers


Strong web development and operations background, with a solid grasp of all aspects of things IP, TCP, HTTP, and on up

A penchant for finding bugs and security flaws in even the most well-guarded systems to minimize risk within our organization

Comfortable writing tools in Python to automate operations

Knowledge in the various use cases for state-of-the-art cryptography

Solid foundation in network security which compliments your system and server security expertise

A strong level of comfort with core Linux security principles

A desire to make the world better by protecting the safety, privacy, and security of technology users

Strong communication skills and willingness to proactively collaborate

Ongoing excitement to learn and grow

Good humor

Please visit to return back to our careers page.

Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.