Instacart
Senior Security Engineer, Infrastructure
Vaga remota de Security com fit claro de localização do candidato.
PublicadaAdicionada recentemente
Países elegíveis1 país aceito
Sinal de senioridadeSenior
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Estados Unidos
Resumo da vaga
Senior Security Engineer, Infrastructure
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
About the Job
- Identify business-critical risks across Instacart's cloud accounts, identity stack, AI/agent platforms, and product services.
- Define remediation strategies that scale: prefer guardrails and platform changes over one-off fixes.
- Build secure-by-default primitives — policy-as-code, paved-road infra modules, identity and access frameworks — that make the safe path the easy path for product teams.
- Operate the SaaS and internal security platforms that back those guardrails (CSPM, IAM governance, vulnerability management, AMI/image supply chain, secrets, audit) and extend them with internal tooling when off-the-shelf falls short.
- Lead investigations, root-cause incidents and findings, and drive variant analysis across the codebase to make sure a class of bug is gone — not just one instance.
- Coach and mentor engineers across security and other functions.
About You
- 5+ years in security engineering, with depth in at least two of: cloud security (AWS/GCP), identity & access engineering, vulnerability management at scale, or secure infrastructure platform engineering.
- 3+ years of experience performing code reviews and design reviews.
- Proficiency in Python or TypeScript sufficient to build and maintain internal services (APIs, scanners, dashboards) — not just glue scripts.
- Working knowledge of cloud IAM (roles, trust policies, federation, SCPs/org policies) and the attack paths it enables when misconfigured.
- Hands-on Infrastructure-as-Code experience (Terraform, CloudFormation, or equivalent).
- Experience driving a remediation program end-to-end: discovery → ownership routing → fix → measurement → prevention.
- Understanding of SaaS architectures, common risks, and threat models.
- Experience with Variant Analysis, Root Cause Analysis, or Secure Frameworks.
About You
- Track record of security research, competitive hacking, or OSS contributions.
- Track record building internal security platforms that other engineers actually adopt — IAM attack-path analysis, vulnerability management, supply-chain/AMI pipelines, secrets management, GRC automation, or similar.
- Policy-as-code authoring at organization scope (OPA/Rego, Terraform Sentinel/equivalent) with disciplined test coverage and rollout/grandfathering strategies.
- Cloud Security Posture Management (CSPM) at scale — Wiz/Prisma/equivalent, including remediation programs spanning IaC findings and live threat findings (C2, credential abuse), plus running scan infrastructure across CI fleets.
- Identity governance experience with a modern IGA stack (ConductorOne, Sailpoint, Veza, or equivalent) including just-in-time access, auto-approval policies, and SoD constraints.
- Experience securing AI/LLM platforms — model gateways, agent frameworks, MCP servers, prompt injection mitigations — or strong appetite to build that practice from a cloud-security foundation.
Vagas similares
Mantenha uma lista reserva.
AWS, TypeScript 13 países aceitos
Senior Software EngineerBaltimore BannerVer vaga AWS, TypeScript 8 países aceitos
Talent Community| Senior JavaScript Full Stack EngineerHiring teamVer vaga AWS, Python 13 países aceitos
Senior Backend Engineer (AdTech)Leap ToolsVer vaga AWS, Python 13 países aceitos
Senior Backend EngineerLeap ToolsVer vaga Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.