Instacart is transforming the grocery industry by providing essential services that customers rely on for grocery and household goods. As a Senior Detection Engineer, you'll develop detection logic, assist in cyber forensic investigations, and mentor junior analysts while working in a flexible environment that encourages collaboration and innovation.
Responsibilities:
- Develop, tune, document, and maintain detection logic across multiple log sources including endpoint, cloud, container, and SaaS products
- Assist in cyber forensic investigations across a variety of log sources
- Optimize log ingestion pipelines and telemetry collection to ensure high-quality, actionable security data while managing volume and cost
- Design and build SOAR playbooks and automation workflows to streamline detection triage, enrichment, and response actions
- Mentor junior security analysts and detection engineers on threat hunting methodologies, detection logic development, and investigation techniques
Requirements:
- 5+ years of experience in a detection engineering, incident response, or offensive security role
- Experience with 1 or more public cloud platforms (AWS, Azure, GCP)
- Deep understanding of attacker TTPs across modern zero trust environments, including identity compromise, token theft, and abuse of trust boundaries
- Proficient understanding of macOS internals and the telemetry available to identify macOS-specific threats
- Experience implementing detection-as-code workflows including version control, peer review processes, automated testing, and CI/CD deployment pipelines
- Basic proficiency with Python, Golang, or other programming languages
- Relevant certifications: GCFA, GCFE, GNFA, GREM, OSCP, GCIA, or similar
- Background in offensive security or red teaming
- Knowledge of machine learning for threat detection