← all jobs

[Remote] Staff Application Security Engineer

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. Thumbtack is a platform that helps millions of people manage their home improvement projects. They are looking for a Staff Application Security Engineer to own the technical direction for application security, lead cross-functional security initiatives, and design secure architectures to enable fast and safe product delivery.

Responsibilities

  • Own the long-term technical direction for application security across Thumbtack. Build prioritized roadmaps and drive remediation of systemic security risks across the application stack
  • Lead large, cross-functional security initiatives from problem definition through delivery
  • Design secure-by-default architectures, standards, and paved paths for engineering teams. Design and implement shared security tooling, libraries, patterns, and services that enable engineering to ship quickly and safely. Embed security into CI/CD pipelines, cloud infrastructure, and developer workflows
  • Partner with engineering and product leaders to prioritize security investments based on risk, impact, and business goals
  • Lead application security design reviews, architectural discussions, and threat modeling for critical systems. Contribute code, reviews, and designs to address complex or novel security risks
  • Mentor engineers and raise the overall security bar through guidance and example
  • Support security incident response and drive learning through post-incident analysis

Skills

  • 8+ years of experience in software engineering and application security, including a strong understanding of secure coding practices and application security frameworks
  • Deep expertise in secure system design and architecture as well as modern application security tools, patterns, and practices (e.g. threat modeling, secure design patterns, authentication and authorization, secrets management, vulnerability discovery and remediation workflows)
  • Proven track record leading large, cross-functional technical initiatives with sustained impact
  • Strong experience securing modern, cloud-native systems (AWS and/or GCP)
  • Strong product intuition and analytical, risk-informed thinking, identifying where security investments will have the highest leverage and measurable impact. Ability to balance pragmatism and rigor, making thoughtful tradeoffs between risk, velocity, and maintainability
  • Strong sense of ownership and accountability, balancing hands-on technical execution with the ability to mentor others, raise standards, and drive organization-wide improvements in application security
  • Excellent written and verbal communication skills, with the ability to influence without authority and the ability to explain complex security issues to both technical and non-technical audiences

Company Overview

  • Thumbtack is a home services website connecting users with local service providers. It was founded in 2008, and is headquartered in San Francisco, California, USA, with a workforce of 1001-5000 employees. Its website is https://www.thumbtack.com.
  • Company H1B Sponsorship

  • Thumbtack has a track record of offering H1B sponsorships, with 7 in 2026, 35 in 2025, 48 in 2024, 39 in 2023, 53 in 2022, 69 in 2021, 47 in 2020. Please note that this does not guarantee sponsorship for this specific role.
  • More open positions

    [Remote] Senior Vertical Marketing Manager

    Work from home Full-time role

    [Remote] Facility Compliance Consultant I - SW

    Work from home Full-time role

    [Remote] UX Quality / Design Ops

    Work from home Full-time role

    [Remote] Commercial Account Executive | Alabama (Birmingham/Hoover/Tuscaloosa Area)

    Work from home Full-time role

    [Remote] Staff Technical Product Manager, Ads ML Platform

    Work from home Full-time role

    Fieldwork Coordinator (Resource Manager) in Spain (Freelance contracted, flexible)

    Work from home Full-time role

    Customer Service Representative – Remote New Member Onboarding Specialist (Entry Level)

    Work from home Full-time role

    [Remote] Senior Software Engineer (Provider Directory & Scheduling)

    Work from home Full-time role

    Epic Analyst, Community Connect Reporting, Security

    Work from home Full-time role

    Remote Customer Service Representative – Home‑Based Support Specialist for careerzynith

    Work from home Full-time role

    Legal - Contracts Manager - Senior

    Work from home Full-time role

    Senior Service Engineer - 3D Printing

    Work from home Full-time role

    (Entry Level, No Experience) Remote Data Entry Google Jobs $25/Hr – Amazon Store

    Work from home Full-time role

    Full Stack Developer (React Native / Node.js / TypeScript)

    Work from home Full-time role

    Insurance Risk Analyst

    Work from home Full-time role

    Business Development and Proposal Development Consultant Roster

    Work from home Full-time role

    Staff, Security Engineer (App & Product Sec)

    Work from home Full-time role

    Multi-Cloud Architect

    Work from home Full-time role

    Human Resource Analyst 1

    Work from home Full-time role

    Remote Part-Time Evening Data Entry Specialist – Accuracy, Database Management & Work-From-Home Flexibility

    Work from home Full-time role

    Experienced Part-Time Remote Amazon Data Entry Specialist – E-commerce Operations Support

    Work from home Full-time role