Director, Cybersecurity

2 Months ago • 10 Years + • Cyber Security

Job Summary

Job Description

The Director of Cybersecurity at Thumbtack leads and manages the cybersecurity team, developing and implementing security policies, procedures, and standards. This role oversees incident response, risk management, and compliance, collaborating with various departments and external stakeholders. Responsibilities include strategic guidance on cybersecurity initiatives, ensuring alignment with business objectives, and fostering a culture of security awareness. The ideal candidate possesses a strong understanding of cybersecurity frameworks (NIST CSF, NIST RMF, ISO27001, SOC 2, PCI DSS), experience leading incident response, and deep technical knowledge of cybersecurity technologies. They will also serve as the primary point of contact for cybersecurity-related inquiries.
Must have:
  • Lead and manage cybersecurity team
  • Develop and implement cybersecurity policies
  • Oversee incident response activities
  • Strong understanding of cybersecurity frameworks
  • Deep technical knowledge of cybersecurity technologies
  • Excellent communication skills
Good to have:
  • Programming knowledge (Golang, Python, PHP)
  • Understanding of ITIL, CAN-SPAM, TCPA
Perks:
  • Virtual-first working model
  • 20 company holidays
  • WiFi reimbursements
  • Cell phone reimbursements
  • Employee Assistance Program

Job Details

A home is the biggest investment most people make, and yet, it doesn’t come with a manual. That's why we’re building the only app homeowners need to effortlessly manage their homes —  knowing what to do, when to do it, and who to hire. With Thumbtack, millions of people care for what matters most, and pros earn billions of dollars through our platform. And as one of the fastest-growing companies in a $600B+ industry — we must be doing something right. 

We are driven by a common goal and the deep satisfaction that comes from knowing our work supports local economies, helps small businesses grow, and brings homeowners peace of mind. We’re seeking people who continually put our purpose first: advocating for pros and customers, embracing change, and choosing teamwork every day.

At Thumbtack, we're creating a new era of home care. If making an impact and the chance to do good inspires you, join us. Imagine what we’ll build together. 

Thumbtack by the Numbers

  • Available nationwide in every U.S. county
  • Over 85 million projects started on Thumbtack
  • More than 11 million 5-star reviews and counting
  • Pros earn billions on our platform
  • 1000+ employees 
  • $3.2 billion valuation (June, 2021) 

About the Cybersecurity Team

The Cybersecurity team at Thumbtack serves as an internal cybersecurity advisory and auditing body, dedicated to preserving the confidentiality, integrity, and accessibility of information systems, identities, and data assets. Our primary objectives include offering proactive security guidance, establishing and upholding a robust and secure infrastructure, and promoting a culture of security consciousness and adherence across the organization. We are responsible for supervising the implementation and management of all cybersecurity initiatives.

About the Role

The Director of Cybersecurity oversees all aspects of the organization's cybersecurity strategy, including risk management, incident response, compliance, and awareness training. They make quick and effective decisions to address security challenges and provide recommendations to mitigate risks. Collaborating with various departments and external stakeholders, they ensure alignment with organizational goals and regulatory requirements. Ultimately, they foster a culture of security awareness and compliance to protect data and information systems for employees, pros, and customers.

Responsibilities 

  • Lead and manage the cybersecurity team, including hiring, training, and performance management.
  • Provide strategic direction and guidance on cybersecurity initiatives, ensuring alignment with business objectives.
  • Develop and implement cybersecurity policies, procedures, and standards in alignment with industry best practices and regulatory requirements.
  • Oversee incident response activities, including detection, analysis, containment, eradication, and recovery from cybersecurity incidents.
  • Stay abreast of emerging cyber threats, vulnerabilities, and technologies to continuously improve the organization's security posture.
  • Collaborate with internal stakeholders, including IT, legal, compliance, and business units, to ensure cybersecurity requirements are integrated into business processes.
  • Serve as the primary point of contact for cybersecurity-related inquiries from internal and external stakeholders, including clients, auditors, and regulators.

What you’ll need

If you don't think you meet all of the criteria below but still are interested in the job, please apply. Nobody checks every box, and we're looking for someone excited to join the team.

  • Bachelor's degree in Computer Science, Information Security, or related field. Master's degree preferred.
  • Certified Information Systems Security Professional (CISSP) or equivalent certification.
  • Minimum of 10 years of experience in cybersecurity, with a proven track record of leadership and team management.
  • Strong understanding of cybersecurity and privacy frameworks and standards, including NIST CSF, NIST RMF, ISO27001, SOC 2, PCI DSS.
  • Experience leading incident response activities, including forensics, investigations, and coordination with law enforcement.
  • Deep technical knowledge of cybersecurity technologies, tools, and techniques, including intrusion detection/prevention systems, SIEM, endpoint protection, and encryption.
  • Excellent communication and interpersonal skills, with the ability to effectively communicate cybersecurity risks and recommendations to non-technical stakeholders.

Bonus points if you have

  • Programming knowledge (Golang, Python, PHP, UNIX shell scripting, etc)
  • Understanding of IT and information security principles and best practices (e.g., ITIL, CAN-SPAM, TCPA)

Thumbtack is a virtual-first company, meaning you can live and work from any one of our approved locations across the United States, Canada or the Philippines.* Learn more about our virtual-first working model here.

#LI-Remote

Benefits & Perks
  • Virtual-first working model coupled with in-person events
  • 20 company-wide holidays including a week-long end-of-year company shutdown
  • Library (optional use collaboration & connection hub) in San Francisco
  • WiFi reimbursements 
  • Cell phone reimbursements (North America) 
  • Employee Assistance Program for mental health and well-being 

Learn More About Us

Thumbtack embraces diversity. We are proud to be an equal opportunity workplace and do not discriminate on the basis of sex, race, color, age, pregnancy, sexual orientation, gender identity or expression, religion, national origin, ancestry, citizenship, marital status, military or veteran status, genetic information, disability status, or any other characteristic protected by federal, provincial, state, or local law. We also will consider for employment qualified applicants with arrest and conviction records, consistent with applicable law. 

Thumbtack is committed to working with and providing reasonable accommodation to individuals with disabilities. If you would like to request a reasonable accommodation for a medical condition or disability during any part of the application process, please contact: recruitingops@thumbtack.com

If you are a California resident, please review information regarding your rights under California privacy laws contained in Thumbtack’s Privacy policy available at https://www.thumbtack.com/privacy/ .

Similar Jobs

ION - Senior Technical Consultant – IT2

ION

Central Sulawesi, Indonesia (On-Site)
6 Months ago
Nielsen Holdings - Sr. Data Engineer - (Big Data, Spark, Scala, Python, AWS, RDBMS, SQL) (copy)

Nielsen Holdings

Bengaluru, Karnataka, India (Hybrid)
6 Months ago
PwC - IN- Senior Associate_ DevOps_Advisory Corporate_Advisory _Bangalore

PwC

Bengaluru, Karnataka, India (On-Site)
6 Months ago
NVIDIA - Senior HPC Technical Support Engineer - Ethernet

NVIDIA

Durham, North Carolina, United States (On-Site)
2 Months ago
Nielsen Holdings - Sr. Data Engineer - (Big Data, Spark, Scala, Python, AWS, RDBMS, SQL)

Nielsen Holdings

Gurugram, Haryana, India (Hybrid)
6 Months ago
Tencent - Data Compliance Manager

Tencent

Shenzhen, Guangdong Province, China (On-Site)
3 Months ago
ION - Junior Cyber Security Analyst

ION

Pisa, Tuscany, Italy (Hybrid)
6 Months ago
NVIDIA - System Software Engineer - Android Platform Security

NVIDIA

Seoul, South Korea (On-Site)
1 Month ago
The Walt Disney Company - Marine & Technical Machinery Systems Specialist

The Walt Disney Company

Celebration, Florida, United States (On-Site)
2 Months ago
ByteDance - Physical Security Trainee-2025 Start

ByteDance

Singapore (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Info Stretch - Lead Data Engineer

Info Stretch

Pune, Maharashtra, India (On-Site)
5 Months ago
Saviynt - Technical Lead, Professional Services

Saviynt

Atlanta, Georgia, United States (Remote)
6 Months ago
ByteDance - Site Reliability Engineer, Edge Services

ByteDance

Boston, Massachusetts, United States (On-Site)
2 Months ago
ARHS - M365 Expert / System Admin

ARHS

Luxembourg (On-Site)
6 Months ago
NVIDIA - Senior Functional Test Engineer

NVIDIA

Yokne'am Illit, North District, Israel (On-Site)
3 Months ago
Paytm - Devops - Senior DevOps Engineer

Paytm

Noida, Uttar Pradesh, India (On-Site)
6 Months ago
Starkflow - Oracle SOA Consultant

Starkflow

New South Wales, Australia (Hybrid)
1 Month ago
Luxoft - Java Developer with React JS

Luxoft

Bengaluru, Karnataka, India (On-Site)
5 Months ago
Luxoft - Murex Front Office Support

Luxoft

Hyderabad, Telangana, India (On-Site)
5 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Ontario, Canada

Gamemode One  Inc  - QA Tester

Gamemode One Inc

Halifax, Nova Scotia, Canada (Hybrid)
1 Month ago
Salesforce - Prime Named Account Executive - MuleSoft - Bilingual (English/French)

Salesforce

Toronto, Ontario, Canada (Remote)
2 Months ago
Evolution - Online Game Presenter (Live Streaming Host)

Evolution

New Westminster, British Columbia, Canada (On_site)
3 Months ago
RaceRocks - Engineering Manager (distributed learning platform)

RaceRocks

British Columbia, Canada (Remote)
2 Months ago
Activision - Cloud Engineering Co-op

Activision

Vancouver, British Columbia, Canada (Hybrid)
2 Months ago
Highspot - Principal Frontend Web Engineer

Highspot

Vancouver, British Columbia, Canada (Hybrid)
6 Months ago
Extreme Network - Cloud Database Administrator (9466)

Extreme Network

Toronto, Ontario, Canada (Hybrid)
6 Months ago
Blackbird Interactive - Intermediate Software Engineer (Unreal Engine 5 – Multiplayer)

Blackbird Interactive

Vancouver, British Columbia, Canada (Hybrid)
1 Month ago
Digital Extremes - Game Designer - Enemies & Bosses

Digital Extremes

Ontario, Canada (Remote)
1 Month ago
DraftKings - Software Engineering Manager, Backend

DraftKings

Canada (Remote)
2 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

ION - Intermediate IT Auditor, Italy

ION

Collecchio, Emilia-Romagna, Italy (On-Site)
6 Months ago
Plarium - SecOps Team Lead

Plarium

Herzliya, Tel Aviv District, Israel (On-Site)
2 Months ago
Canva - Security Engineering Director - Detection & Response - Remote across ANZ

Canva

Adelaide, South Australia, Australia (Remote)
5 Months ago
Google - Senior Cyber Security Consultant, Google Public Sector

Google

Reston, Virginia, United States (On-Site)
3 Months ago
PwC - Endpoint Engineer - US Client (Olivos/Barracas)

PwC

Olivos, Buenos Aires Province, Argentina (On-Site)
5 Months ago
PwC - Consultant - Health Industries - Go To Market (GtM)

PwC

Brussels, Brussels, Belgium (On-Site)
3 Months ago
PwC - Digital Forensic and Electronic Discovery Expert – Senior Associate

PwC

Zürich, Zurich, Switzerland (On-Site)
6 Months ago
ION - Markets Governance, Risk and Controls Manager

ION

India (On-Site)
6 Months ago
The Walt Disney Company - Manager, Information Security Corrective Action

The Walt Disney Company

Burbank, California, United States (On-Site)
2 Months ago
Seedify - Cyber Security Specialist

Seedify

(On-Site)
10 Months ago

Get notifed when new similar jobs are uploaded