Senior Detection Engineer
About The Position
Instacarts Detection Engineering team sits at the core of our Security organization, building and operating the systems that identify, surface, and respond to threats across one of North America's largest grocery technology platforms. We own the full detection lifecycle — from telemetry collection and signal design to automated response — across a complex, cloud-native environment spanning endpoint, cloud, container, and SaaS. As a Senior Detection Engineer, you'll be a technical anchor on the team: developing high-fidelity detection logic, hunting for novel attacker techniques, and raising the bar for how we think about coverage, quality, and scale. You'll work closely with Engineering, Red Team, Incident Response, Fraud, and Trust & Safety to ensure our detections reflect real-world adversary behavior — not just signatures. We operate with a detection-as-code mindset: everything we build is versioned, tested, and deployed through repeatable pipelines. We care deeply about reducing noise, improving analyst efficiency through automation and SOAR, and continuously evolving our coverage as the threat landscape shifts. If you're energized by hard forensic problems, enjoy translating attacker TTPs into durable detection logic, and want to help shape the future of a growing security function, this role is for you.
Requirements
- 5+ years of experience in a detection engineering, incident response, or offensive security role.
- Experience with 1 or more public cloud platforms (AWS, Azure, GCP)
- Deep understanding of attacker TTPs across modern zero trust environments, including identity compromise, token theft, and abuse of trust boundaries
- Proficient understanding of macOS internals and telemetry available to identify macOS specific threats
- Experience implementing detection-as-code workflows including version control, peer review processes, automated testing, and CI/CD deployment pipelines
- Basic proficiency with Python, Golang, or other programming languages
- Relevant certifications: GCFA, GCFE, GNFA, GREM, OSCP, GCIA, or similar
Nice To Haves
- Background in offensive security or red teaming
- Knowledge of machine learning for threat detection
Responsibilities
- Develop, tune, document, and maintain detection logic across multiple log sources including endpoint, cloud, container, and SaaS products.
- Assist in cyber forensic investigations across a variety of log sources
- Optimize log ingestion pipelines and telemetry collection to ensure high-quality, actionable security data while managing volume and cost
- Design and build SOAR playbooks and automation workflows to streamline detection triage, enrichment, and response actions
- Mentor junior security analysts and detection engineers on threat hunting methodologies, detection logic development, and investigation techniques
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
Number of Employees
501-1,000 employees
