We're transforming the grocery industry
At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.
Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.
Instacart is a Flex First team
There’s no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.
Overview
Join Instacart's Incident Response organization as a Senior Threat Hunting Engineer, where you'll proactively hunt for threats across our complex infrastructure, conduct deep-dive forensic investigations, and build comprehensive attack timelines. This role requires an expert-level practitioner who can identify sophisticated adversaries, analyze attack patterns, and provide critical intelligence to protect our platform and users.
You will work closely with Engineering, Detection, Red Team, Fraud, Trust & Safety, and Legal to ensure Instacart understands its threat landscape and can rapidly respond to malicious activity.
Instacart’s Security team protects our products, infrastructure, and ecosystem. We combine strong technical expertise, data-driven insights, and a proactive approach to keep our platform safe. Our Threat hunting function provides strategic, operational, and tactical intelligence to support decision‑making and improve detection, response, and resilience.
About the Job
Proactive Threat Hunting
- Design and execute hypothesis-driven threat hunting campaigns across cloud infrastructure, applications, and endpoints
- Identify anomalous behaviors, TTPs (Tactics, Techniques, and Procedures), and indicators of compromise (IOCs)
- Hunt for advanced persistent threats (APTs), insider threats, and supply chain compromises
- Develop custom detection logic and hunting queries (KQL, SPL, SQL) for SIEM and EDR platforms
- Continuously improve hunting methodologies based on emerging threat intelligence
Incident Response & Forensics
- Conduct comprehensive cyber forensic investigations across Linux, Windows, macOS, containers, and cloud environments
- Perform memory forensics, disk analysis, network traffic analysis, and log correlation
- Preserve and analyze digital evidence following chain-of-custody procedures
- Determine root cause, attack vectors, and lateral movement paths
About You
Minimum Qualifications
- 6+ years in cybersecurity with 4+ years focused on threat hunting, incident response, or digital forensics
- Relevant certifications: GCFA, GCFE, GNFA, GREM, OSCP, GCIA, or similar
- Hands-on experience with major security incidents and breach investigations
- Deep understanding of attacker TTPs across the cyber kill chain
- Experience in high-scale cloud environments (AWS, GCP, or Azure)
- Understanding of e-commerce, payment systems, and mobile app security
Preferred Qualifications
- Background in offensive security or red teaming
- Experience with SOAR platforms and security automation
- Knowledge of machine learning for threat detection
Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Please review our Flex First remote work policy here.
Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants. Please read more about our benefits offerings here.
For US based candidates, the base pay ranges for a successful candidate are listed below.
Top Skills
Similar Jobs
What you need to know about the Charlotte Tech Scene
Key Facts About Charlotte Tech
- Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
- Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
- Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
- Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
- Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus
