Infrastructure Security Engineer
OVERVIEW
We're looking for experienced Engineers to join our fast moving team. We work on a range of interesting and challenging problems, from supporting thousands of concurrent shoppers and processing millions of data points in real time, to determining the best route for deliveries and predicting store inventory levels.
At Instacart, we hold ourselves greatly responsible for protecting our customers', shoppers', partners' data and provide a secure platform to shop. As one of the early members of the security team, you will have a tremendous impact on Instacart's security posture and engineering culture. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, develop cross-functional technical and soft skills, in not just security, but engineering overall. Our platform is complex, rapidly scaling and processing millions of transactions in real-time, all of the time.
ABOUT THE JOB
- Help secure infrastructure for our platform's AWS and GCP environments
- Build, deploy and maintain tools to help with threat detection, incident response, vulnerability management, and abuse
- Deploy and maintain security log aggregation and detection system
- Design and implement detection and remediation controls around AWS and GCP Infrastructure
- Handle infrastructure security incidents and perform investigations
- Evaluate and recommend infrastructure security tools
- Create, review and maintain RBAC policies across AWS, GCP and Kubernetes in line with the principles of least privilege
ABOUT YOU
- Experience with Python, Go, Terraform, Docker, Kubernetes or the desire to learn them quickly
- Experience with Cloud Infrastructure Security (AWS/GCP) and SOA patterns
- Ability to understand application and system architectures holistically
- Dexterity to identify, analyze, scope, contain and eradicate real-world threats
- Strong desire to automate current challenges to be able to focus on the next
- Strong Linux fundamentals
- Networking knowledge, including network security and segmentation
Desirable:
- Experience with GDPR, CCPA and SOC2 compliance
- Experience triaging/resolving security vulnerabilities in the application layer
- Experience working with highly ephemeral environments