Senior Infrastructure Engineer, Security

Remote, Ontario

Full Time Senior-level / Expert
Thumbtack logo

Thumbtack

When you need to hire someone — a landscaper, a DJ, anyone — Thumbtack finds them for you for free. Get estimates right now from pros ready to do the job.
Apply now Apply later

We’re the technology leader building the modern home management platform. Today, millions of people use Thumbtack to effortlessly manage their homes. We help them confidently know what to do, when to do it and who to hire. 

Our goal is simple: to be the only platform homeowners need to fix, maintain and improve their homes. As a long-term partner for homeowners, our promise is to turn what was once confusing and intimidating into something straightforward — and a lot less stressful.

At Thumbtack, we're not just creating a new era of homeownership. We’re supporting local economies and building stronger communities. Each day, we connect local professionals across America with busy homeowners so they can grow their businesses. 

Thumbtack is for everyone. Our customers and pros come from all walks of life and every county in the country. We want our team to reflect that. If you come from an underrepresented background in tech, we strongly encourage you to apply. 

Our North Star is bright and our ambitions are big. We’ve been at this for over a decade, but the way we see it: we’re just getting started.

Thumbtack by the Numbers

  • Available in all 3,143 U.S. counties.
  • Nearly 4.5 million customers in the last 12 months
  • Hundreds of thousands of local professionals on our platform
  • 65 million projects started on Thumbtack
  • Over 7 million 5-star reviews left for stellar pros

About the Engineering Team

At Thumbtack, engineers at every level build products and systems that directly impact our customers and professionals. Our challenges span a wide variety of areas, ranging from building search and booking experiences to optimizing pricing systems, to building tools to help professionals grow their businesses. We believe in tackling these hard problems together as a team, with strong values around collaboration, ownership, and transparency. To read more about the hard problems that our team is taking on, visit our engineering blog.

About the Role

Our Infrastructure Engineering team is a hybrid of software, system and site reliability engineering. Our current mission is to design Thumbtack’s next version of the core infrastructure. We code our way out of operational problems. We are responsible for reliability, scalability, and automation while keeping an eye on latency, performance, and capacity.

In this role you will design, build, and drive an autonomous policy driven security strategy to protect Thumbtack’s cloud from external threats and vulnerabilities. You will be involved in the software development lifecycle from design to release and play a key role in establishing Thumbtack’s security posture. Additionally, you will participate in vulnerability scans, coordinate penetration testing activities, ensure compliance with SOX, SOC 2, OWASP, and support other security initiatives throughout the business.

Responsibilities

  • Design, write, and maintain software to improve the security, resilience, and efficiency of Thumbtack's services, incorporating open-source tools when available
  • Set the architectural direction of security practice and policy
  • Collaborate with engineering organizations on secure-by-default cloud architecture
  • Identify security vulnerabilities in virtual machine and container workloads through the software development lifecycle
  • Leverage and recommend best-in-suite security tooling and practice available with AWS and GCP partners
  • Partner tightly with the Infrastructure Engineering, Security, IT, and internal audit teams to implement security best practices and collaboratively design solutions

Must-Have Qualifications

If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.

  • Minimum of 5 years of industry experience in operations, backend, systems, infrastructure, or cybersecurity engineering
  • Demonstrable knowledge of OpenSource, AWS, and/or GCP security tooling
  • Knowledge of security requirements in compliance frameworks (e.g. SOC 2)
  • Knowledge of common threat modeling approaches, enterprise attack surfaces, and common mitigations tactics
  • Fluent in one or more of: Python, Javascript/Typescript, Go, Scala (or other high level scripting language)
  • Experience with one or more of: Puppet, Chef, Ansible, Terraform (or other active configuration management software)

Nice-to-Have Qualifications

  • Expertise in designing, analyzing, and troubleshooting large-scale distributed systems
  • Experience with incident management, SIEM, SOC controls, security policy enforcement, auditing, and/or cybersecurity forensics
  • Experience with and/or knowledge of WAP, WTLS, SSL/TLS
  • Security and/or AWS certifications (CISSP, GCIA GCIH, GCFA, GCFE, AWS Security Specialty, etc.)

More About Us

Thumbtack is a technology leader building the modern home management platform. Through the Thumbtack app, homeowners can effortlessly manage their homes — confidently knowing what to do, when to do it, and who to hire. Bringing the $500 billion home services industry online, Thumbtack empowers millions of homeowners to fix, maintain, and improve their most valuable asset. 

Founded in 2008, Thumbtack is backed by over $500 million in funding from folks that include Sequoia Capital, CapitalG, Tiger Global Management, Javelin Investment Partners, Baillie Gifford. 

Thumbtack is a virtual-first company, meaning you can live and work from any one of our approved locations across the United States, Ontario or the Philippines. When it is safe to gather, we will begin to host in-person events on a regular basis. Remote employees will be expected to travel occasionally for these events to a Thumbtack library or offsite team-building location. In cities with 5+ employees, we are establishing local communities, where employees can gather for local events. Additionally, employees in the San Francisco, Salt Lake City, Toronto and Manila areas will have opt-in access to communal workspace at one of our Thumbtack libraries. We always prioritize the health and safety of our employees. Currently, participation in these events and Thumbtack library use are optional. Both require employees to be fully vaccinated.

#LI-Remote

Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, sexual orientation, gender identity, religion, national origin, citizenship, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

If you are a California resident, please review information regarding your rights under California privacy laws contained in Thumbtack’s Privacy policy available at https://www.thumbtack.com/privacy/.

*Currently, Thumbtackers can live anywhere in Ontario, Canada or the Philippines or in any of the following US states: AZ, CA, CO, CT, FL, GA, IL, IN, KY, MD, MA, MI, MN, NV, NH, NJ, NY, NC, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA. Our long term vision is to hire across all of the United States and Canada, but this expansion will take a few years.
Job perks/benefits: Team events Transparency
Job region(s): Remote/Anywhere North America
Job stats:  1  0  0
  • Share this job via
  • or

Explore more DevOps, Cloud and Digital Infrastructure career opportunities