Senior Infrastructure Security Engineer II

Overview
We’re seeking a Senior Infrastructure Security Engineer to join our security engineering organization. You will tackle complex, high‑scale challenges across Instacart’s platform — from securing systems supporting thousands of concurrent shoppers to protecting the services processing millions of real‑time data points.
As a senior member of the security team, you will drive foundational security initiatives, influence architectural decisions, and elevate engineering‑wide security practices. This role offers broad technical ownership and the chance to strengthen the security posture of a fast‑growing, highly distributed environment.

About the Job

As a Senior Infrastructure Security Engineer, you will:

• Lead security strategy and execution for AWS and GCP cloud environments.
• Architect, build, and deploy automated security controls and enforcement systems, such as:
• IAM governance and configuration management
• Container and host security (Docker, Kubernetes)
• Vulnerability management pipelines
• PKI and secret management tooling
• Collaborate with incident response teams to design and implement cloud‑native detection and response capabilities.
• Work closely with IT, SRE, and infrastructure teams to harden corporate, endpoint, and production systems.
• Provide security guidance to engineering and product teams, influencing service design and implementation.
• Mentor junior and mid‑level engineers and help develop long‑term security roadmaps.
• Participate in and help improve the on‑call rotation for critical security and infrastructure incidents.

About You
Minimum Qualifications

• 7+ years of experience in software engineer, infrastructure, and/or cloud with a deep focus in cloud/infra security engineering over the last few years.
• Deep expertise in AWS security; GCP or Azure experience is a plus.
• Strong programming experience (Python, Ruby, Go, or Shell) with a history of building internal tools or contributing to open‑source projects.
• 3–5 years of experience working with containerized environments and orchestration platforms (Docker, Kubernetes).
• Experience scaling infrastructure and enforcing controls using Terraform or other IaC tools.
• Strong understanding of distributed systems and service‑oriented architectures.
• Strong foundational knowledge of systems and networking (TCP/IP, kernel internals, memory management, file systems), especially on Linux.
• Ability to work collaboratively with engineering partners and navigate security vs. productivity trade‑offs.
• Highly desirable: hands‑on experience with attack patterns, adversary behaviors, and system‑specific hardening of one or more of:
• Windows / AzureAD
• Linux
• macOS

Preferred Qualifications

• Bachelor’s degree in Computer Science, Engineering, or equivalent experience.
• Experience leading security architecture reviews or cross‑team initiatives.

#LI-Remote