Senior Manager, Cybersecurity
Remote, Ontario
Applications have closed
Thumbtack
Find local pros, compare prices and book home services in a few simple steps. Thumbtack makes caring for your home easier.A home is the biggest investment most people make, and yet, it doesn’t come with a manual. That's why we’re building the only app homeowners need to effortlessly manage their homes — knowing what to do, when to do it, and who to hire. With Thumbtack, millions of people care for what matters most, and pros earn billions of dollars through our platform. And as one of the fastest-growing companies in a $500B industry — we must be doing something right.
We are driven by a common goal and the deep satisfaction that comes from knowing our work supports local economies, helps small businesses grow, and brings homeowners peace of mind. We’re seeking people who continually put our purpose first: advocating for pros and customers, embracing change, and choosing teamwork every day.
At Thumbtack, we're creating a new era of home care. If making an impact and the chance to do good inspires you, join us. Imagine what we’ll build together.
Thumbtack by the Numbers
- Available nationwide in all 3,143 U.S. counties
- 70 million projects started on Thumbtack
- More than 4 million customers in the last 12 months
- Pros earn billions on our platform
- More than 8 million 5-star reviews for our stellar pros
- 1000+ employees and $3.2 billion valuation (June, 2021)
About the Information Security Team
Our Information Security team is an internal cybersecurity consultation and audit team for whose mission is to safeguard the confidentiality, integrity, and availability of information systems, identity, and data assets by providing proactive security expertise, creating and maintaining a resilient and secure infrastructure, and fostering a culture of security awareness and compliance throughout Thumbtack. We oversee the development and execution of all cybersecurity programs.
Challenges
Challenges are opportunities in disguise. Some opportunities that you can make a difference:
- People: continue growing the cybersecurity team in size and expertise. You will be challenged to develop existing members’ careers and learn from their expertise.
- Product: Thumbtack has many product lines. We aim to weave cybersecurity application development best practices into the fabrics of Thumbtack products.
- Process: continue formalizing many policies, processes, procedures, etc. This is also an opportunity for defining these best practices from the ground up.
About the Role
As an Information Security Manager, you are a guardian of data and cybersecurity. You can make quick and effective decisions for every information security situation that may arise within the organization. You can provide valuable recommendations to the team and mitigate security risks, thereby providing our employees, pros, and customers the utmost information security they deserve.
Responsibilities
- Lead a team of information security specialists, analysts, engineers
- Monitor regional network, system, and tooling usage to ensure compliance with global security policies
- Partner with IT Systems & Network, IT Endpoint, and Platform Engineering to monitor, assess vulnerabilities and develop and implement plans to improve our security posture
- Perform penetration tests to find any flaws and create mitigation plans
- Simulate security breaches and create disaster recovery plans
- Seek to build in security during the development stages of SaaS/software, systems, networks, and cloud platforms and educate colleagues about security software and best practices for information security
- Document any security breaches, assess their damage and liaise with the concerned government agency if necessary
Must-Have Qualifications
If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.
- Bachelor’s Degree in Information Technology, Computer Science, Computer Engineering, or related fields
- At least eight years of relevant work experience in application and information security, especially in the cloud computing environment
- At least five years of experience in team management
- Information security certification in CompTIA Security+ is highly preferred.
- Working knowledge of different security technologies and concepts such as but not limited to VA/PT, SIM/SIEM, DLP gateway, and endpoints, IPS/IDS, WAF, CASB, Cloud security, IAM, Cyber Incident Response, Digital Forensics
- Working knowledge of different IT domains – Network, Infrastructure, Systems Administration, Software Development, Database Administration, Change Management, Incident Management
- Strong knowledge and experience in building control frameworks and can design and evaluate the effectiveness of controls in compliance with the United States IS requirements
Nice-to-Have Qualifications
- Information Security Certifications such as CISM, CISA, CISSP, etc.
- Programming knowledge (Golang, Python, PHP, UNIX shell scripting, etc)
- Understanding of IT and information security principles and best practices (e.g., ITIL, ISO 27001)
- PCI-DSS compliance experience and certification
Thumbtack is a virtual-first company, meaning you can live and work from any one of our approved locations across the United States, Ontario or the Philippines. When it is safe to gather, we will begin to host in-person events on a regular basis. Remote employees will be expected to travel occasionally for these events to a Thumbtack library or offsite team-building location. In cities with 5+ employees, we are establishing local communities, where employees can gather for local events. Additionally, employees in the San Francisco, Salt Lake City, Toronto and Manila areas will have opt-in access to communal workspace at one of our Thumbtack libraries. We always prioritize the health and safety of our employees. Currently, participation in these events and Thumbtack library use are optional. Both require employees to be fully vaccinated.
#LI-Remote
Benefits & Perks- Virtual-first working model coupled with quarterly in-person events and Camp Thumbtack
- 20+ company-wide holidays including two week-long shutdowns
- Libraries (collaborative workspaces) in San Francisco, Salt Lake City, Toronto, and Manila
- Stipends for remote work support, home office set-up and internet
- Subscriptions and Employee Assistance Program for mental health and well-being
- Cell Phone Reimbursement, Thumbtack services (North America only)
Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, pregnancy, sexual orientation, gender identity or expression, religion, national origin, ancestry, citizenship, marital status, military or veteran status, genetic information, disability status, or any other characteristic protected by federal, provincial, state, or local law. We also will consider for employment qualified applicants with arrest and conviction records, consistent with applicable law. If you are a California resident, please review information regarding your rights under California privacy laws contained in Thumbtack’s Privacy policy available at https://www.thumbtack.com/privacy/.
Thumbtack is committed to working with and providing reasonable accommodation to individuals with disabilities. If you would like to request a reasonable accommodation for a medical condition or disability during any part of the application process, please contact recruitingops@thumbtack.com.
*Currently, Thumbtackers can live anywhere in Ontario or British Columbia, Canada or the Philippines or in any of the following US states: AZ, CA, CO, CT, FL, GA, HI, ID, IL, IN, KS, KY, MD, MA, MI, MN, MO, NE, NV, NH, NJ, NM, NY, NC, OH, OK, OR, PA, SC, TN, TX, UT, VA, WA, WI, Washington DC. Our long term vision is to hire across all of the United States and Canada, but this expansion will take a few years.
Tags: CISA CISM CISSP Cloud Compliance CompTIA Computer Science Forensics Golang IAM IDS Incident response IPS ISO 27001 ITIL PHP Privacy Python SaaS Scripting SIEM UNIX Vulnerabilities
Perks/benefits: Career development Health care Home office stipend Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Engineer jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Windows-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs