We're transforming the grocery industry
At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.
Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.
Instacart is a Flex First team
There’s no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.
Overview
We are looking for a highly skilled Senior Security Engineer to join our dynamic security team. We work on a range of interesting and challenging problems, from supporting thousands of concurrent shoppers and processing millions of data points in real time, to developing and enhancing internal tools, addressing vulnerabilities, and managing secrets. A successful candidate will play a critical role in ensuring the security and integrity of our products throughout their lifecycle. This position requires a deep understanding of security principles, the ability to identify and mitigate potential vulnerabilities and a proactive approach to safeguarding our technology platform.
Our goal is to run the world's most trusted and secure technology platform. The product security function within the Instacart security team works with product development, infrastructure, IT, finance, legal, and other cross-functional stakeholders to design and implement scalable solutions and effective controls to protect our most valuable assets.
About the Team
The security team at Instacart is responsible for ensuring the security and privacy of Instacart’s suite of products and the company as a whole. We believe that with the right mixture of tools and engineering prowess, we can secure our most important assets without negatively impacting productivity. We pride ourselves on fostering a collaborative and inclusive environment where continuous learning and growth is encouraged.
You will be a key member of the Security Engineering team that is responsible for developing security-focused features and frameworks for Instacart. Ideally a hybrid builder/breaker, you will have an opportunity to lead high impactful projects across the platform and assist in defining the internal team processes. You will be directly influencing the security posture of many products and systems across the company.
About the Job
- Design, implement and ship high-quality security features for product and internal tools across Instacart.
- Deploy and operationalize a variety of open source and commercially available security tools and frameworks, including static and dynamic analysis, secret scanning,and IDS tools.
- Conduct comprehensive security design reviews of new and existing products to identify potential security risks and develop mitigation strategies.
- Collaborate with cross-functional teams, including engineering and product to integrate security best practices into the software development process.
- Advise on common best practices for security application design and architecture.
- Participate in on-call rotations to support critical operations and respond to incidents with urgency.
- Share knowledge and mentor other team members, promoting a culture of continuous learning and growth.
About You
MINIMUM QUALIFICATIONS
- 5+ years of experience in Security Engineering or Software Engineering, demonstrating a strong grasp of product security concepts and principles
- Strong knowledge of common back-end web technologies (such as Ruby on Rails, Python, Golang, SQL, etc.) in a large scale distributed system environment
- Experience with threat modeling, security assessments, product security concepts, and security architecture reviews
- An ability to make data-driven decisions & prioritize initiatives that improve key security metrics
- An ability to balance a sense of urgency with shipping high-quality and pragmatic solutions.
- Strong self-management and organizational skills
- Experience developing tools and automation using common devops toolsets and programming languages (such as Python, Ruby, or Go)
PREFERRED QUALIFICATIONS
- Bachelor’s degree in Computer Science, Engineering, Math or related work experience
- In depth knowledge on the best remediation techniques for different application vulnerabilities and the ability to explain them to product teams
- An ability to create written work products and detailed technical documents to work effectively with cross functional teams and drive alignment on security objectives and plans.
- Breaker experience, such as web/application penetration testing
- Experience working with highly ephemeral environments
- A security-related or architecture-related certification such as CISSP, OSCP, CEH