← Back to jobs
Thumbtack
Thumbtack

Staff Application Security Engineer

engineeringfull-timeWorldwide
SALARY
$221k – $286k/yr
WORK TYPE
remote
JOB TYPE
full-time
INDUSTRY
general
Apply for this position
✦ AutoApply Let us apply to roles like this on your behalf.
Learn more

About the role

About the Role

We partner closely with Product, Engineering, Platform, and Data teams to shape system design, guide architectural decisions, and evolve security practices across the organization.

Responsibilities

  • Lead large, cross-functional security initiatives from problem definition through delivery
  • Design secure-by-default architectures, standards, and paved paths for engineering teams
  • Design and implement shared security tooling, libraries, patterns, and services that enable engineering to ship quickly and safely
  • Embed security into CI/CD pipelines, cloud infrastructure, and developer workflows
  • Partner with engineering and product leaders to prioritize security investments based on risk, impact, and business goals
  • Lead application security design reviews, architectural discussions, and threat modeling for critical systems
  • Contribute code, reviews, and designs to address complex or novel security risks
  • Mentor engineers and raise the overall security bar through guidance and example
  • Support security incident response and drive learning through post-incident analysis

Required Qualifications

  • 8+ years of experience in software engineering and application security
  • Strong understanding of secure coding practices and application security frameworks
  • Deep expertise in secure system design and architecture
  • Knowledge of modern application security tools, patterns, and practices (threat modeling, secure design patterns, authentication and authorization, secrets management, vulnerability discovery and remediation workflows)
  • Proven track record leading large, cross-functional technical initiatives with sustained impact
  • Strong experience securing modern, cloud-native systems (AWS and/or GCP)
  • Strong product intuition and analytical, risk-informed thinking
  • Strong sense of ownership and accountability
  • Excellent written and verbal communication skills with ability to influence without authority
  • Ability to explain complex security issues to both technical and non-technical audiences
✦ Let us apply for you
We find roles like this and apply on your behalf. Cover letter written for each one. Plans from $14.99/mo. Cancel anytime.
Join waitlist
Apply now
Staff Application Security Engineer at Thumbtack — Remote