Senior Security Engineer II

At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.

Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.

There’s no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.

The CAPS team at Instacart is responsible for securing Cloud infrastructure, AI systems, and Product surfaces. We work closely with all other engineering teams, enabling them to roll out new product features and internal productivity systems in a secure way. Members of the CAPS team assume ownership of security risks and find solutions that mitigate whole classes of vulnerabilities.

• Identify business-critical risks present within Instacart’s product and infrastructure.
• Analyze the risks and define remediation strategies with actionable roadmaps.
• Develop scalable systems to enable and encourage secure engineering patterns.
• Own and drive systemic improvements across engineering and other functions.
• Coach and mentor other engineers within the organization.

• 5+ years of experience in Security Engineering or Offensive Security roles.
• 3+ years of experience performing code reviews and design reviews.
• Knowledge of security bug classes and best practice remediation techniques.
• Understanding of SaaS architectures, common risks, and threat models.
• Experience with Variant Analysis, Root Cause Analysis, or Secure Frameworks.

• Track record of security research, competitive hacking, or OSS contributions.

#LI-Remote