Infrastructure Security Engineer

Overview

We are looking for a security engineer with a passion for cloud infrastructure and zero trust architecture to join our security team. This intermediate role is tailored for those with a passion for security at scale, eager to delve into cloud and workload security, identity, and the principles of zero trust architecture. You'll contribute to safeguarding Instacart’s technology platform, ensuring secure access to our vast array of tools, data, and cloud environments. With us, you’ll embark on a journey to further secure Instacart’s platform, leveraging automation and creativity to maximize your impact on our company’s security posture.

Our goal is to run the world's most trusted and secure grocery technology platform. The infrastructure security function within the Instacart security team works with stakeholders in product development, infrastructure, IT, finance, legal, and other cross-functional departments to help design and implement effective solutions and controls to protect our most valuable assets.

About the Team

The security team at Instacart is responsible for ensuring the security and privacy of Instacart’s suite of products and the company as a whole. We believe that with the right mixture of tools and engineering prowess, we can secure our most important assets without negatively impacting employee or partner productivity.

In this role, you will continue to build out our next-generation access management controls, ensuring they’re both user-friendly and firmly secure. As part of this fast-moving team, you will have the chance to work on innovative cloud security controls and become a key contributor to our zero trust and cloud identity initiatives. This role will provide you opportunities for continuous learning, mentorship, and personal growth in a culture that values collaboration and innovation.

About the Job 

• Implement and maintain scalable security solutions, primarily in AWS, but also in our smaller footprints in Google Cloud Platform and Azure.
• Continue to enhance our cloud security posture by improving and maintaining best-in-class open-source and commercially-available solutions across our applications and infrastructure.
• Collaborate with cross-functional teams, including IT, security platform engineering, and infrastructure, to further remediate vulnerabilities, integrate zero trust principles, and advance our IAM practices.
• Engage in hands-on problem-solving, always seeking better ways to control and monitor our growing ecosystem while not increasing our alerting burden and minimizing the need for manual interventions.
• Participate in on-call rotations to support critical operations and respond promptly to security incidents.
• Share knowledge and mentor other team members, promoting a culture of continuous learning and improvement.

MINIMUM QUALIFICATIONS

• 2+ years of experience in the Information Security field, demonstrating a foundational knowledge in cloud security, cloud networking, identity management, and modern application architecture principles.
• Familiarity with cloud technologies, particularly those offered by AWS, and a keen interest in becoming an expert in infrastructure security.
• Basic skills in scripting or programming with Python, Ruby, or Go, aiming to automate security tasks and streamline operations with code or low-code tooling.
• A basic understanding of cloud IAM principles and zero trust architecture, motivated to learn and apply best practices in a real-world setting.
• A proactive approach to problem-solving, with a readiness to tackle security challenges in a rapidly evolving landscape at a high-speed technology company.
• Effective communication skills, capable of conveying security concepts and practices clearly to both technical and non-technical stakeholders.
• Experience running workloads in containerized environments, even if just locally.
• A curiosity about container security and the desire to explore security measures in ephemeral environments.
• A basic understanding of different types of security vulnerabilities, from application to host vulnerabilities.
• Willingness to learn and explore new technologies to help develop security best practices

PREFERRED QUALIFICATIONS

• Bachelor’s degree in Information Security, Computer Science, Computer Engineering, Software Engineering, or equivalent work experience.
• Experience with Infrastructure as Code (IaC) technologies, especially Terraform, but also fleet management solutions like Ansible or Chef.
• Some experience building or managing services responsible for authentication and authorization.
• Experience securing containers or containerization platforms, especially on Kubernetes or AWS ECS.
• Exposure to IAM tools and practices, with an eagerness to deepen expertise in access management and zero trust solutions.

#LI-Remote