Senior Cybersecurity Manager

We’re the technology leader building the modern home management platform. Today, millions of people use Thumbtack to effortlessly manage their homes. We help them confidently know what to do, when to do it and who to hire. 

Our goal is simple: to be the only platform homeowners need to fix, maintain and improve their homes. As a long-term partner for homeowners, our promise is to turn what was once confusing and intimidating into something straightforward — and a lot less stressful.

At Thumbtack, we're not just creating a new era of homeownership. We’re supporting local economies and building stronger communities. Each day, we connect local professionals across America with busy homeowners so they can grow their businesses. 

Thumbtack is for everyone. Our customers and pros come from all walks of life and every county in the country. We want our team to reflect that. If you come from an underrepresented background in tech, we strongly encourage you to apply. 

Our North Star is bright and our ambitions are big. We’ve been at this for over a decade, but the way we see it: we’re just getting started.

Thumbtack by the Numbers

• Available in all 3,143 U.S. counties.
• Nearly 4.5 million customers in the last 12 months
• Hundreds of thousands of local professionals on our platform
• 65 million projects started on Thumbtack
• Over 7 million 5-star reviews left for stellar pros

About the Team

This role will be part of the Global Information Security team. This team consists of a security application engineer, security infrastructure engineer, technical program manager, cyber security analyst, and compliance analyst. This team is in charge of the overall security processes within the organization and ensures alignment with Thumbtack’s business objectives. Members of this team are responsible for advocating and educating security best practices throughout the organization. 

About the Role

As a Senior Information Security (Cybersecurity) Manager, you are a guardian of data and cybersecurity: you think on your feet and can make quick and effective decisions for every information security situation that may arise within the organization. You are keen on details, have a good understanding of the Philippine Cybersecurity regulations, and can analytically assess processes, systems, data, and events relevant to Information Security. You are able to provide valuable recommendations to the management team and mitigate security risks; thereby contributing to providing our employees, pros, and customers the utmost information security that they deserve.  

This role will be an individual contributor with the potential to evolve to a people manager position should there be a need to grow the team, or as may be required by the business in the future. 

Key Duties & Responsibilities

As a Senior Information Security Manager, you will be the “Analyst-in-chief” in Thumbtack PH when it comes to assessing an information security situation and responding appropriately. You will own the implementation, execution, and monitoring of Information Security processes and procedures in compliance with Thumbtack’s policies and government regulations. You will help in ensuring that the IS Framework, IS Strategic Plan, and IS Programs are aligned with both the Global IS and Thumbtack’s business goals. 

• Working closely with the Global IS Director, TPH & US IT, and SiteOps Managers 
• Monitor regional network, system and tooling usage to ensure compliance with global security policies
• Partner with IT Systems & Network, IT Endpoint, and Platform Engineering to monitor, assess vulnerabilities, develop and implement plans to improve our security posture.
• Keep up to date with developments in IT security standards and threats
• Perform penetration tests to find any flaws and creating mitigation plans
• Simulate security breaches and creating disaster recovery plans
• Collaborate with management and the IT department to improve security
• Seek to build in security during the development stages of SaaS/software, systems, networks, and cloud platforms 
• Document any security breaches, assess their damage, and liaise with the concerned government agency if necessary
• Educate colleagues about security software and best practices for information security
• Recommend, test, and evaluate security products as needed

Must-Have Qualifications

If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.

• Bachelor’s Degree in Information Technology, Computer Science, Computer Engineering, or related fields
• At least 8 years of relevant work experience in IT and Information Security and IT
• IS Certification in CompTIA Security+ is highly preferred
• Working knowledge of different security technologies and concepts such as but not limited to VA/PT, SIM/SIEM, DLP gateway, and endpoints, IPS/IDS, WAF, CASB, Cloud security, IAM, Cyber Incident Response, Digital Forensics
• Working knowledge on different IT domains – Network, Infrastructure, Systems Administration, Software Development, Database Administration, Change Management, Incident Management
• Strong knowledge and experience in building control frameworks and has the ability to design and evaluate the effectiveness of controls in compliance with the Philippine IS requirements
• Excellent oral and written communication skills

Nice-to-Have Qualifications

• IS Certifications such as CISM, CISA, CISSP, etc. 
• Programming knowledge (Golang, Python, PHP, UNIX shell scripting, etc. )
• Understanding of IT and information security principles and best practices (e.g., ITIL, ISO 27001)
• PCI-DSS compliance experience and certification

More About Us

Thumbtack is a technology leader building the modern home management platform. Through the Thumbtack app, homeowners can effortlessly manage their homes — confidently knowing what to do, when to do it, and who to hire. Bringing the $500 billion home services industry online, Thumbtack empowers millions of homeowners to fix, maintain, and improve their most valuable asset. 

Founded in 2008, Thumbtack is backed by over $500 million in funding from folks that include Sequoia Capital, CapitalG, Tiger Global Management, Javelin Investment Partners, Baillie Gifford. 

• See what it’s like to work here  
• Meet the pros who inspire us
• Follow us on LinkedIn  
• Discover our virtual first plan

While Thumbtack is a virtual-first company, meaning employees have the flexibility to live and work from any one of our approved locations across the United States, Ontario or the Philippines, this role is closely aligned with our day-to-day Thumbtack library operations and is expected to report to the Thumbtack library in Manila on a regular cadence when it is safe to resume in-person operations.

Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, sexual orientation, gender identity, religion, national origin, citizenship, marital status, veteran status, or disability status.