Instacart is hiring an

Engineering Manager, Systems Framework

San Francisco, United States



We're looking for an experienced security leader to join our fast moving team. We work on a range of interesting and challenging problems, from supporting thousands of concurrent shoppers and processing millions of data points in real time, to determining the best route for deliveries and predicting store inventory levels.

Our goal is to run the world's most trusted and secure grocery delivery platform. We work across all layers of our infrastructure to ensure we deploy trustworthy systems and protect our customers’, shoppers’, and partners’ data.

As one of the key members of the Security Team, you will have a tremendous impact on Instacart's security posture and engineering culture. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, develop cross-functional technical and soft skills. Our platform is complex, rapidly scaling and processing millions of transactions in real-time, all of the time.


  • Lead and develop our security detection and incident response program and capabilities 
  • Help define the strategy for security operations, anomaly detection and incident management
  • Design, implement, Monitor and Continuously Improve security infrastructure, production services, systems, and processes
  • Scale security operations and incident response capabilities to meet Instacart’s needs
  • Ensure visibility over critical signals and systems, plan for and respond to security events
  • Evaluate, prototype, implement, and support security-focused tools and services
  • Partner with senior leaders across Instacart to help deliver company-wide security initiatives around the areas of Detection & Response
  • Maintain strong knowledge of current threat intelligence, mitigations and security operational best practices
  • Establish credibility as a trusted advisor to stakeholders including partners, executives, and peers


  • 7+ years of experience in the Information Security field, including operational security monitoring experience
  • Highly experienced in building out a Security Operations Center (SOC), either on your own or as a senior contributor with capability to move into a role where you will lead this effort
  • Proficient monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, endpoint security solutions, file integrity monitoring tools, application and operating system logs
  • Proven experience in the successful delivery of large, complex, high-volume logging pipelines using modern scalable architectures and technologies 
  • Experience with AWS or GCP environments
  • Working development or scripting skills (i.e. Python, Java, shell scripting)
  • Ability to design and write custom intrusion detection system (IDS) rules
  • Experience configuring security incident and event management tools (SIEM - such as Splunk, ArcSight, Symantec SIM, LogLogic, SumoLogic), including creating event filtering and correlation rules and reports
  • Experience with large-scale web applications and backend services, including API design, access management, authorization, authentication, data protection and encryption
  • Solid understanding of common application and infrastructure security vulnerabilities and mitigations 
  • Superior communication skills - ability to serve as a security advocate and evangelist
  • Demonstrated technical foundation with a business-savvy mindset and an innate ability to translate technical vulnerabilities into comprehensive organizational risks for senior leadership
  • Strong ties with the broader security community to attract and hire great talent 
  • Bonus Points – Active contributor to the security community (Security research, CVEs, bug-bounty recognitions, open-source, blogs, publications…)