Senior Technical Program Manager, Cybersecurity & Compliance

Remote, United States

Full Time Senior-level / Expert
Thumbtack logo

Thumbtack

When you need to hire someone — a landscaper, a DJ, anyone — Thumbtack finds them for you for free. Get estimates right now from pros ready to do the job.

View all employer listings

Apply now Apply later

We’re the technology leader building the modern home management platform. Today, millions of people use Thumbtack to effortlessly manage their homes. We help them confidently know what to do, when to do it and who to hire. 

Our goal is simple: to be the only platform homeowners need to fix, maintain and improve their homes. As a long-term partner for homeowners, our promise is to turn what was once confusing and intimidating into something straightforward — and a lot less stressful.

At Thumbtack, we're not just creating a new era of homeownership. We’re supporting local economies and building stronger communities. Each day, we connect local professionals across America with busy homeowners so they can grow their businesses. 

Thumbtack is for everyone. Our customers and pros come from all walks of life and every county in the country. We want our team to reflect that. If you come from an underrepresented background in tech, we strongly encourage you to apply. 

Our North Star is bright and our ambitions are big. We’ve been at this for over a decade, but the way we see it: we’re just getting started.

Thumbtack by the Numbers

  • Available in all 3,143 U.S. counties.
  • Nearly 4.5 million customers in the last 12 months
  • Hundreds of thousands of local professionals on our platform
  • 65 million projects started on Thumbtack
  • Over 7 million 5-star reviews left for stellar pros

About the Technical Program Management and Engineering Teams

Technical Program Management partners with all areas of the business and development teams to drive our portfolio of technical projects and programs from request through implementation and ongoing lifecycle management.  It’s our mission to help all of Thumbtack get more done through technology and cross-functional coordination while optimizing value.

At Thumbtack, engineers at every level build products and systems that directly impact our customers and professionals. Our challenges span a wide variety of areas, ranging from architecting sound data and infrastructure to be leveraged across the company, to building search and booking experiences, to optimizing pricing systems, to building tools to help professionals grow their businesses. We believe in tackling these hard problems together as a team, with strong values around collaboration, ownership, and transparency. To read more about the hard problems that our team is taking on, visit our engineering blog.

About the Role

Thumbtack is looking for an experienced Technical Program Manager to build out and manage our company-wide Cybersecurity & Compliance program.  As the first dedicated TPM to cybersecurity and compliance at Thumbtack, we’re looking for the right person who’s excited about the unique and high impact opportunity to build something special.  You will lead complex, multi-disciplinary projects in a program that spans Engineering (data services, infrastructure, security, product), Legal, Finance, Business Applications, IT, Marketing, and Operations. Your initiatives will impact our internal and external users and require discipline, coordination, and execution across the company.  From deployment of new technology, to definition and enforcement of processes, to development of employee training and awareness, to coordinating incident response and remediation, you will provide input and direction on solution design and prioritization, clarify outcomes and metrics, manage schedules and dependencies, and communicate progress with stakeholders and business leaders.

Responsibilities

  • Partner with business and tech partners to develop a Cybersecurity & Compliance program strategy and drive quarterly and annual planning to identify, define, prioritize, and resource objectives, key results, and initiatives that support it
  • Collaborate with business and tech teams to define comprehensive requirements, come up with viable, scalable, future-proof solutions, and translate them into actionable project plans and tasks
  • Utilize agile project management framework and techniques to plan, document, and manage initiatives from conception through delivery and closure
  • Partner with Security team & stakeholders to establish company-wide awareness, participation, and adoption across all dimensions of security and compliance
  • Keep cross-functional stakeholders, contributors, executives, and other interested parties engaged, aligned on strategy and involvement, and up-to-date on project status and relevant details; escalate issues when necessary
  • Manage and coordinate privacy law compliance with the Data Privacy Officer, the Security Championship Program, Incident Response process, and security scorecard for the Board of Directors.

Must-Have Qualifications 

If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.

  • Bachelor’s degree in Computer Science or 5+ years of relevant experience in the field
  • Proven experience running large cross-functional security, data governance, privacy and/or compliance programs
  • Expert in agile project management, prioritization methodologies, and the software project lifecycle (design, build, test, release, feedback)
  • Excellent analytical and problem-solving skills; able to make thoughtful proposals, provide root cause analysis and demonstrate results through testing and metrics
  • Basic knowledge of web application development and operations, network traffic, potential security risks
  • Experience and understanding of application and infrastructure security standards and best practices
  • Ability to both think strategically at the program level and be hands on in day-to-day action

Nice-to-Have Qualifications

  • Previous hands-on engineering experience, preferably with a multi-platform user facing product
  • Experience building a Security & Compliance program from the ground up
  • Familiarity with security frameworks such as NIST CSF, NIST SP 800-x, COBIT, ISO-27001, PCI DSS
  • California Consumer Privacy Act expertise

More About Us

Thumbtack is a technology leader building the modern home management platform. Through the Thumbtack app, homeowners can effortlessly manage their homes — confidently knowing what to do, when to do it, and who to hire. Bringing the $500 billion home services industry online, Thumbtack empowers millions of homeowners to fix, maintain, and improve their most valuable asset. 

Founded in 2008, Thumbtack is backed by over $500 million in funding from folks that include Sequoia Capital, CapitalG, Tiger Global Management, Javelin Investment Partners, Baillie Gifford. 

Thumbtack is a virtual-first company, meaning you can live and work from any one of our approved locations across the United States, Ontario or the Philippines. When it is safe to gather, we will begin to host in-person events on a regular basis. Remote employees will be expected to travel occasionally for these events to a Thumbtack library or offsite team-building location. In cities with 5+ employees, we are establishing local communities, where employees can gather for local events. Additionally, employees in the San Francisco, Salt Lake City, Toronto and Manila areas will have opt-in access to communal workspace at one of our Thumbtack libraries. We always prioritize the health and safety of our employees. Currently, participation in these events and Thumbtack library use are optional. Both require employees to be fully vaccinated.

#LI-Remote

Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, sexual orientation, gender identity, religion, national origin, citizenship, marital status, veteran status, or disability status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

If you are a California resident, please review information regarding your rights under California privacy laws contained in Thumbtack’s Privacy policy available at https://www.thumbtack.com/privacy/.

Job perks/benefits: Team events Transparency
Job region(s): Remote/Anywhere North America
Job stats:  2  1  0
  • Share this job via
  • or

Explore more Information Security career opportunities