Thumbtack finds local professionals for almost anything.
Thumbtack’s dynamic marketplace is helping millions of people accomplish important, personal projects in their lives. With a fast growing userbase, as well a burgeoning internal staff, privacy and security are becoming a greater concern for our engineering team, and we want to harden our systems against all possible threats. From credit cards and SSNs to intimate personal details, we expect (as do our users) that data on our systems is private and secure.
We’re looking for someone to lead our security efforts. We know security is an ever-changing landscape of threats, vulnerabilities, new technologies, and best practices. We’ve done the basics (protecting against the likes of Bobby Tables, for example) but now we’re looking for someone to take our security practices to the next level across our entire platform. From vetting application logic to hardening firewalls and forming best practices with our IT teams, we expect you to own Thumbtack’s security and privacy efforts.
Thumbtack currently has offices in San Francisco and Salt Lake City, with a large team of remote contractors based in the Philippines. To more effectively manage our rapid growth, we're currently moving services from dedicated Linux machines to AWS. We currently use Python, Go, and PHP, and manage our infrastructure with Puppet
Perform security and privacy risk assessments on infrastructure components
Design, evaluate tradeoffs, and implement security enhancements
Investigate incidents and lead response efforts, while identifying methods to improve preparedness
Maintain engineering and security documentation; provide training and awareness to fellow engineers
Strong web development and operations background, with a solid grasp of all aspects of things IP, TCP, HTTP, and on up
A penchant for finding bugs and security flaws in even the most well-guarded systems to minimize risk within our organization
Comfortable writing tools in Python to automate operations
Knowledge in the various use cases for state-of-the-art cryptography
Solid foundation in network security which compliments your system and server security expertise
A strong level of comfort with core Linux security principles
A desire to make the world better by protecting the safety, privacy, and security of technology users
Strong communication skills and willingness to proactively collaborate
Ongoing excitement to learn and grow
Please visit www.thumbtack.com/jobs to return back to our careers page.
Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.