Senior Infrastructure Engineer, Security
We’re the technology leader building the modern home management platform. Today, millions of people use Thumbtack to effortlessly manage their homes. We help them confidently know what to do, when to do it and who to hire.
Our goal is simple: to be the only platform homeowners need to fix, maintain and improve their homes. As a long-term partner for homeowners, our promise is to turn what was once confusing and intimidating into something straightforward — and a lot less stressful.
At Thumbtack, we're not just creating a new era of homeownership. We’re supporting local economies and building stronger communities. Each day, we connect local professionals across America with busy homeowners so they can grow their businesses.
Thumbtack is for everyone. Our customers and pros come from all walks of life and every county in the country. We want our team to reflect that. If you come from an underrepresented background in tech, we strongly encourage you to apply.
Our North Star is bright and our ambitions are big. We’ve been at this for over a decade, but the way we see it: we’re just getting started.
Thumbtack by the Numbers
- Available in all 3,143 U.S. counties.
- Nearly 4.5 million customers in the last 12 months
- Hundreds of thousands of local professionals on our platform
- 65 million projects started on Thumbtack
- Over 7 million 5-star reviews left for stellar pros
About the Engineering Team
At Thumbtack, engineers at every level build products and systems that directly impact our customers and professionals. Our challenges span a wide variety of areas, ranging from building search and booking experiences to optimizing pricing systems, to building tools to help professionals grow their businesses. We believe in tackling these hard problems together as a team, with strong values around collaboration, ownership, and transparency. To read more about the hard problems that our team is taking on, visit our engineering blog.
About the Role
Our Infrastructure Engineering team is a hybrid of software, system and site reliability engineering. Our current mission is to design Thumbtack’s next version of the core infrastructure. We code our way out of operational problems. We are responsible for reliability, scalability, and automation while keeping an eye on latency, performance, and capacity.
In this role you will design, build, and drive an autonomous policy driven security strategy to protect Thumbtack’s cloud from external threats and vulnerabilities. You will be involved in the software development lifecycle from design to release and play a key role in establishing Thumbtack’s security posture. Additionally, you will participate in vulnerability scans, coordinate penetration testing activities, ensure compliance with SOX, SOC 2, OWASP, and support other security initiatives throughout the business.
- Design, write, and maintain software to improve the security, resilience, and efficiency of Thumbtack's services, incorporating open-source tools when available
- Set the architectural direction of security practice and policy
- Collaborate with engineering organizations on secure-by-default cloud architecture
- Identify security vulnerabilities in virtual machine and container workloads through the software development lifecycle
- Leverage and recommend best-in-suite security tooling and practice available with AWS and GCP partners
- Partner tightly with the Infrastructure Engineering, Security, IT, and internal audit teams to implement security best practices and collaboratively design solutions
If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.
- Minimum of 5 years of industry experience in operations, backend, systems, infrastructure, or cybersecurity engineering
- Demonstrable knowledge of OpenSource, AWS, and/or GCP security tooling
- Knowledge of security requirements in compliance frameworks (e.g. SOC 2)
- Knowledge of common threat modeling approaches, enterprise attack surfaces, and common mitigations tactics
- Experience with one or more of: Puppet, Chef, Ansible, Terraform (or other active configuration management software)
- Expertise in designing, analyzing, and troubleshooting large-scale distributed systems
- Experience with incident management, SIEM, SOC controls, security policy enforcement, auditing, and/or cybersecurity forensics
- Experience with and/or knowledge of WAP, WTLS, SSL/TLS
- Security and/or AWS certifications (CISSP, GCIA GCIH, GCFA, GCFE, AWS Security Specialty, etc.)
More About Us
Thumbtack is a technology leader building the modern home management platform. Through the Thumbtack app, homeowners can effortlessly manage their homes — confidently knowing what to do, when to do it, and who to hire. Bringing the $500 billion home services industry online, Thumbtack empowers millions of homeowners to fix, maintain, and improve their most valuable asset.
Founded in 2008, Thumbtack is backed by over $500 million in funding from folks that include Sequoia Capital, CapitalG, Tiger Global Management, Javelin Investment Partners, Baillie Gifford.
- See what it’s like to work here
- Meet the pros who inspire us
- Learn about engineers on a mission
- Follow us on LinkedIn
- Discover our virtual first plan
Thumbtack is a virtual-first company, meaning you can live and work from any one of our approved locations across the United States, Ontario or the Philippines. When it is safe to gather, we will begin to host in-person events on a regular basis. Remote employees will be expected to travel occasionally for these events to a Thumbtack library or offsite team-building location. In cities with 5+ employees, we are establishing local communities, where employees can gather for local events. Additionally, employees in the San Francisco, Salt Lake City, Toronto and Manila areas will have opt-in access to communal workspace at one of our Thumbtack libraries. We always prioritize the health and safety of our employees. Currently, participation in these events and Thumbtack library use are optional. Both require employees to be fully vaccinated.
Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, sexual orientation, gender identity, religion, national origin, citizenship, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.
Explore more DevOps, Cloud and Digital Infrastructure career opportunities
- Open Sr. DevOps Engineer jobs
- Open Senior Cloud Security Engineer jobs
- Open Lead Site Reliability Engineer jobs
- Open Cloud Automation Engineer jobs
- Open Senior Software Engineer - Site Reliability jobs
- Open Senior Test Automation Engineer jobs
- Open IT DevOps Engineer jobs
- Open Manager of DevOps & Engineering Infrastructure jobs
- Open Linux Infrastructure Developer jobs
- Open Senior Cloud Infrastructure Engineer jobs
- Open Staff, Product Manager - Global Infrastructure jobs
- Open Senior Software Engineer DevOps (remote) jobs
- Open Staff Platform Engineer jobs
- Open Lead DevOps Engineer jobs
- Open Reliability Engineer jobs
- Open Junior DevOps Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Staff DevOps Engineer jobs
- Open Senior Cloud Architect jobs
- Open DevOps/Configuration Management Specialist jobs
- Open Senior Automation Engineer jobs
- Open Senior Site Reliability Engineer (SRE) jobs
- Open Devops Engineer jobs
- Open Data Infrastructure Engineer jobs
- Open Senior Software Engineer - Site Reliability - Raleigh Hub jobs
- Open Kafka-related jobs
- Open REST-related jobs
- Open Unix-related jobs
- Open CloudFormation-related jobs
- Open Prometheus-related jobs
- Open Elasticsearch-related jobs
- Open DNS-related jobs
- Open Golang-related jobs
- Open S3-related jobs
- Open PowerShell-related jobs
- Open Jira-related jobs
- Open TCP-related jobs
- Open High availability-related jobs
- Open EC2-related jobs
- Open Grafana-related jobs
- Open Redis-related jobs
- Open JS-related jobs
- Open Virtualization-related jobs
- Open TCP/IP-related jobs
- Open Node-related jobs
- Open MongoDB-related jobs
- Open VMware-related jobs
- Open PostgreSQL-related jobs
- Open Gitlab-related jobs