Senior Infrastructure Security Engineer



Other Engineering
United States · British Columbia, Canada · Ontario, Canada · Canada · Remote
Posted on Thursday, March 21, 2024

We're transforming the grocery industry

At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.

Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.

Instacart is a Flex First team

There’s no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.


We are looking for a senior security engineer with a deep passion for cloud infrastructure and zero trust architecture to join our security team. This role is ideal for experienced security professionals who excel in security at scale, focusing on cloud and workload security, identity management, and modern containerized application architectures. In this role, you’ll be responsible for leveling up the security posture of our smaller subsidiaries and business units. You’ll be the first point of contact for Instacart’s in-house startups, working on new Instacart ventures like smart shopping carts, pricing intelligence, and in-store technologies that will radically change the way people shop. This role provides the fast-paced environment of a startup while still being part of a larger security organization. With us, you’ll embark on a journey to further secure Instacart’s platform and products, leveraging automation and creativity to maximize your impact on our company’s security posture.

Our goal is to run the world's most trusted and secure grocery technology platform. The infrastructure security function within the Instacart security team works with stakeholders in product development, infrastructure, IT, finance, legal, and other cross-functional departments to help design and implement effective solutions and controls to protect our most valuable assets.

About the Team

The security team at Instacart is responsible for ensuring the security and privacy of Instacart’s suite of products and the company as a whole. We believe that with the right mixture of tools and engineering prowess, we can secure our most important assets without negatively impacting productivity.

In this role, you will continue to build out our next generation of security controls in direct partnership with our subsidiaries and emerging products, ensuring they’re both user-friendly and firmly secure. As part of this fast-moving team, you will have the chance to work on innovative cloud security controls, web application security architectures, and our zero trust / cloud identity initiatives. This role will provide you opportunities for continuous learning, mentorship, and personal growth in a culture that values collaboration and innovation.

About the Job

  • Implement and maintain scalable security solutions, primarily in AWS, but also in our smaller footprints in Google Cloud Platform and Azure.
  • Advise on common best practices for secure application design and architecture.
  • Continue to enhance our cloud security posture by improving and maintaining best-in-class open-source and commercially-available solutions across our applications and infrastructure.
  • Collaborate with cross-functional teams, including IT, security platform engineering, and infrastructure, to further remediate vulnerabilities, integrate zero trust principles, and advance our IAM practices within our in-house startups.
  • Engage in hands-on problem-solving, always seeking better ways to control and monitor our growing ecosystem while not increasing our alerting burden and minimizing the need for manual interventions.
  • Participate in on-call rotations to support critical operations and respond promptly to security incidents.
  • Share knowledge and mentor other team members, promoting a culture of continuous learning and improvement.



  • 5+ years of experience in the Information Security field, demonstrating a foundational knowledge in cloud security, cloud networking, identity management, and modern application architecture principles.
  • Familiarity with cloud technologies, particularly those offered by AWS and GCP, and a keen interest in leveling up the security posture of Instacart’s newest and most exciting bets.
  • Knowledge of common back-end web technologies (such as Ruby on Rails, Python, Golang, SQL, etc.) in a large scale distributed system environment.
  • Effective communication skills, capable of conveying security concepts and practices clearly to both technical and non-technical stakeholders.
  • Some experience with threat modeling, security assessments, product security concepts, and security architecture reviews.
  • Skills in scripting or programming with Python, Ruby, or Go, aiming to automate security tasks and streamline operations with code or low-code tooling.
  • Experience with Infrastructure as Code (IaC) technologies, especially Terraform, and/or fleet management solutions like Ansible or Chef.
  • Working understanding of cloud IAM principles and zero trust architecture, motivated to learn and apply best practices in a real-world setting.
  • A proactive approach to problem-solving, with a readiness to tackle security challenges in a rapidly evolving landscape at a high-speed technology company.
  • Experience running production workloads in containerized environments.
  • A working knowledge of container security and the desire to explore new security measures in ephemeral environments.
  • Willingness to learn and explore new technologies to help develop security best practices.


  • Bachelor’s degree in Information Security, Computer Science, Computer Engineering, Software Engineering, or equivalent work experience.
  • An ability to create written work products and detailed technical documents to work effectively with cross functional teams and drive alignment on security objectives and plans.
  • Experience securing containers or containerization platforms, especially on Kubernetes or AWS ECS.
  • Breaker experience, such as web/application penetration testing.
  • Working knowledge of the best remediation techniques for different application vulnerabilities and the ability to explain them to product teams.
  • Exposure to IAM tools and practices, with an eagerness to deepen expertise in access management and zero trust solutions.