Instacart
Staff Infrastructure Security Engineer
Job Summary
The role involves driving and enhancing the security of Instacart's cloud infrastructure, primarily focusing on AWS with optional GCP expertise. The candidate will build automation tools, manage IAM, container security, and vulnerability mitigation, and collaborate closely with incident response and engineering teams. A strong background in cloud security, scripting, containerization, and networking is required, along with the ability to work in a fast-paced, scalable environment. The position offers remote work options, competitive benefits, and opportunities for career growth in security and engineering.
Required Skills
Benefits
Job Description
We're transforming the grocery industry
At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.
Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.
Instacart is a Flex First team
There’s no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.
About the Role
We're looking for an experienced Staff Infrastructure Security Engineer to join our fast moving team. We work on a range of interesting and challenging problems, from supporting thousands of concurrent shoppers and processing millions of data points in real time, to determining the best route for deliveries and predicting store inventory levels.
About the Team
At Instacart, we hold ourselves greatly responsible for protecting our customers', shoppers', partners' data and provide a secure platform to shop. As one of the key members of the security team, you will have a tremendous impact on Instacart's security posture and engineering culture. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, develop cross-functional technical and soft skills, in not just security, but engineering overall. Our platform is complex, rapidly scaling and processing millions of transactions in real-time, all of the time.
About the Job
- Drive and improve the security posture of our cloud infrastructure AWS & GCP environment.
- Build and deploy tools and services to automate enforcement of security baseline across our cloud infrastructure, including:
- IAM and configuration management
- Container and system security and vulnerability management
- PKI and secret management
- Partner with our incident response team to design and implement detection and response capability on our cloud Infrastructure
- Work closely with IT to harden and secure our corporate and endpoint infrastructure
- Provide advisory and consulting service to engineering, product and IT teams to ensure their services are built with security in mind
- Participate in the team’s on-call rotation and help drive critical infrastructure incidents to resolution
About You
Minimum Qualifications:
- Expertise in Cloud Infrastructure Security (AWS is a MUST with GCP or Azure strongly desirable)
- Strong experience in one or more of the following languages: Python, Ruby, Go, Shell and regularly commit code or contribute to open source projects
- Experience working with containerized environments and related orchestrations techniques (Docker and/or Kubernetes)
- Experience scaling infrastructure with code or deploying Terraform
- Functional understanding of distributed systems and service oriented architectures
- Strong system and networking fundamentals such as TCP/IP, kernel operations, memory and file system management, particularly on linux platforms
- Enjoy working collaboratively with internal customers and stakeholders and can navigate security/productivity trade-offs
Preferred Qualifications
- Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent work experience
- Knowledge of common attack patterns/TTP as well as hardening strategies for ONE or more of the following systems:
- Windows/AzureAD
- Linux
- OSX
#LI-Remote
Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Please review our Flex First remote work policy here.
Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants. Please read more about our benefits offerings here.
For US based candidates, the base pay ranges for a successful candidate are listed below.
Instacart
A grocery delivery service allowing users to order from local stores and have items delivered by personal shoppers.
See more jobsSafe Remote Job Search Tips
Verify Employer Thoroughly
Research the company's identity thoroughly before applying. Check for a professional website with contacts, active social media, and LinkedIn profiles. Verify details across platforms and look for reviews on Glassdoor or Trustpilot to confirm legitimacy.
Never Pay to Get a Job
Legitimate employers never require payment for applications, training, background checks, or equipment. Always reject upfront payment requests or demands for bank details, even if they claim it's for purchasing necessary work gear on your behalf.
Safeguard Your Personal Information
Protect sensitive data like SSN, bank details, or ID copies. Share this only after accepting a formal, written job offer. Ensure it's submitted via a secure company system or portal, never through insecure channels like standard email attachments.
Scrutinize Communication & Interviews
Watch for communication red flags: poor grammar, generic emails (@gmail), vague details, or undue pressure. Be highly suspicious of interviews held only via text or chat apps; legitimate companies typically use video or phone calls.
Beware of Unrealistic Offers
If an offer's salary or benefits seem unrealistically high for the work involved, be cautious. Research standard pay for similar roles. Offers that appear 'too good to be true' are often scams designed to lure you into providing information or payment.
Insist on a Formal Contract
Always secure and review a formal, written job offer or employment contract before starting work or sharing final personal details. Ensure it clearly defines your role, compensation, key terms, and conditions to avoid misunderstandings or scams.