Senior Detection Engineer

Instacart is transforming the grocery industry by providing essential services that customers rely on for grocery and household goods. As a Senior Detection Engineer, you'll develop detection logic, assist in cyber forensic investigations, and mentor junior analysts while working in a flexible environment that encourages collaboration and innovation.

Responsibilities:

• Develop, tune, document, and maintain detection logic across multiple log sources including endpoint, cloud, container, and SaaS products
• Assist in cyber forensic investigations across a variety of log sources
• Optimize log ingestion pipelines and telemetry collection to ensure high-quality, actionable security data while managing volume and cost
• Design and build SOAR playbooks and automation workflows to streamline detection triage, enrichment, and response actions
• Mentor junior security analysts and detection engineers on threat hunting methodologies, detection logic development, and investigation techniques

Requirements:

• 5+ years of experience in a detection engineering, incident response, or offensive security role
• Experience with 1 or more public cloud platforms (AWS, Azure, GCP)
• Deep understanding of attacker TTPs across modern zero trust environments, including identity compromise, token theft, and abuse of trust boundaries
• Proficient understanding of macOS internals and telemetry available to identify macOS specific threats
• Experience implementing detection-as-code workflows including version control, peer review processes, automated testing, and CI/CD deployment pipelines
• Basic proficiency with Python, Golang, or other programming languages
• Relevant certifications: GCFA, GCFE, GNFA, GREM, OSCP, GCIA, or similar
• Background in offensive security or red teaming
• Knowledge of machine learning for threat detection