Senior Security Engineer, Cloud, AI, Product Security

Responsibilities

• Identify business-critical risks present within Instacart’s product and infrastructure.
• Analyze the risks and define remediation strategies with actionable roadmaps.
• Develop scalable systems to enable and encourage secure engineering patterns.
• Own and drive systemic improvements across engineering and other functions.
• Coach and mentor other engineers within the organization.

Requirements

• 5+ years of experience in Security Engineering or Offensive Security roles.
• 3+ years of experience performing code reviews and design reviews.
• Proficiency in at least one production language (Python, Go, or TypeScript) sufficient to build internal tooling.
• Hands-on Infrastructure-as-Code experience (Terraform, CloudFormation, or equivalent).
• Knowledge of security bug classes and best practice remediation techniques.
• Understanding of SaaS architectures, common risks, and threat models.
• Experience with Variant Analysis, Root Cause Analysis, or Secure Frameworks.

Nice-to-Haves

• Track record of security research, competitive hacking, or OSS contributions.
• Policy-as-code authoring at organization scope (OPA/Rego, Terraform Sentinel/equivalent) with disciplined test coverage and rollout/grandfathering strategies.
• Cloud Security Posture Management (CSPM) at scale — Wiz/Prisma/equivalent, including remediation programs spanning IaC findings and live threat findings (C2, credential abuse), plus running scan infrastructure across CI fleets.