Engineering Manager, Security Detection and Response
We're transforming the grocery industry
Instacart is the North American leader in online grocery and one of the fastest-growing companies in e-commerce. Since 2012, we’ve been working towards creating a world where everyone has access to the food they love and more time to enjoy it together.
Groceries delivered to your door in as little as an hour. It seems simple, right? Well, it’s more complex than that. From re-routing deliveries during snowstorms, to connecting customers with coupons and deals for their favorite brands, to updating over half a billion grocery data lines every night...our efforts bring Instacart closer to being the operating system for the grocery industry.
Solving these problems is what helps our customers get back time in their day, so they can do more of what they love.
Introducing Our Hybrid Working Model
As the future of work evolves, so do we. We have a hybrid model where our roles are open to in-office, flex, or remote work. Learn more about our flexible approach to where we work.
OVERVIEW
We're looking for an experienced security leader to join our fast moving team. We work on a range of interesting and challenging problems, from supporting thousands of concurrent shoppers and processing millions of data points in real time, to determining the best route for deliveries and predicting store inventory levels.
Our goal is to run the world's most trusted and secure grocery delivery platform. We work across all layers of our infrastructure to ensure we deploy trustworthy systems and protect our customers’, shoppers’, and partners’ data.
As one of the key members of the Security Team, you will have a tremendous impact on Instacart's security posture and engineering culture. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, develop cross-functional technical and soft skills. Our platform is complex, rapidly scaling and processing millions of transactions in real-time, all of the time.
ABOUT THE JOB
- Lead and develop our security detection and incident response program and capabilities
- Help define the strategy for security operations, anomaly detection and incident management
- Design, implement, Monitor and Continuously Improve security infrastructure, production services, systems, and processes
- Scale security operations and incident response capabilities to meet Instacart’s needs
- Ensure visibility over critical signals and systems, plan for and respond to security events
- Evaluate, prototype, implement, and support security-focused tools and services
- Partner with senior leaders across Instacart to help deliver company-wide security initiatives around the areas of Detection & Response
- Maintain strong knowledge of current threat intelligence, mitigations and security operational best practices
- Establish credibility as a trusted advisor to stakeholders including partners, executives, and peers
ABOUT YOU
- Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering or equivalent work experience
- 7+ years of experience in the Information Security field, including operational security monitoring experience
- Highly experienced in building out a Security Operations Center (SOC), either on your own or as a senior contributor with capability to move into a role where you will lead this effort
- Proficient monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, endpoint security solutions, file integrity monitoring tools, application and operating system logs
- Proven experience in the successful delivery of large, complex, high-volume logging pipelines using modern scalable architectures and technologies
- Experience with AWS or GCP environments
- Working development or scripting skills (i.e. Python, Java, shell scripting)
- Ability to design and write custom intrusion detection system (IDS) rules
- Experience configuring security incident and event management tools (SIEM - such as Splunk, ArcSight, Symantec SIM, LogLogic, SumoLogic), including creating event filtering and correlation rules and reports
- Experience with large-scale web applications and backend services, including API design, access management, authorization, authentication, data protection and encryption
- Solid understanding of common application and infrastructure security vulnerabilities and mitigations
- Superior communication skills - ability to serve as a security advocate and evangelist
- Demonstrated technical foundation with a business-savvy mindset and an innate ability to translate technical vulnerabilities into comprehensive organizational risks for senior leadership
- Strong ties with the broader security community to attract and hire great talent
- Bonus Points – Active contributor to the security community (Security research, CVEs, bug-bounty recognitions, open-source, blogs, publications…)