Thumbtack
Security Engineer (App Sec and Cloud Infra)
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About Thumbtack
Thumbtack is an online marketplace founded in 2008 in San Francisco, California. It connects customers with local professionals for various home services and improvement projects across the United States. The platform hosts around 300,000 active local professionals and facilitates five million projects annually, serving over 10 million users. As a remote, virtual-first company, Thumbtack has raised over $698 million in funding from notable investors. It has evolved from a directory-style service to an AI-enhanced matching platform, offering features like automated recommendations and project advice. Users can search and compare services in nearly 1,100 categories, including plumbing, painting, and wedding photography. Thumbtack emphasizes user-friendly tools for professionals to create detailed profiles, helping them connect with potential customers effectively.
Security at Thumbtack
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- Thumbtack's Application Security philosophy centers on 'making the secure path the easiest path' to enable innovation at scale.
- They prioritize building secure defaults, paved paths, and reusable building blocks rather than acting as a gatekeeper.
- Their risk philosophy involves prioritizing security investments based on risk, impact, and business goals, ensuring security evolves without slowing down innovation.
Security Team
The security team functions as an 'internal cybersecurity advisory and auditing body.' Key public-facing leaders include Vrushali Dharmadhikari (Senior Information Security), Ambles Kwok (Champion of holistic cybersecurity strategy), and Adriano Sela Aviles (Senior Application Security Engineer). Specific reporting lines and total team size are not publicly available.
Key Initiatives
- Thumbtack practices 'Shift Left' by integrating security controls into CI/CD pipelines and applying secure-by-default patterns during system design.
- They perform security reviews for systems and architectures.
- No evidence was found for a formal Security Champions program or specific vulnerability management SLAs (MTTR).