Senior Manager, Security Engineering - Purple Team

About The Position

Requirements

• 10+ years of progressive experience in cybersecurity with at least 3+ years in a management or leadership role
• Proven hands-on experience in Red Teaming, Detection Engineering, or Purple Teaming in a medium or large-scale organization
• Thorough understanding of attack tactics, techniques, and procedures (TTPs), MITRE ATT&CK framework, and defensive countermeasures
• Proficiency with common security tools and platforms (e.g., SIEMs, EDR, adversary emulation frameworks, breach simulators)
• Advanced knowledge of incident detection and response processes

Nice To Haves

• A degree in Cybersecurity, Computer Science, or a related field (or equivalent experience)
• Relevant industry certifications such as CISSP, OSCP, GIAC, CEH, etc.
• Strong leadership and project management skills, with a track record of delivering measurable results
• Exceptional verbal and written communication skills, with the ability to tailor messaging for technical and non-technical audiences

Responsibilities

• Define and execute the detection engineering strategy aligned with organizational security objectives
• Establish detection coverage goals across the MITRE ATT&CK framework and other threat models
• Present metrics, roadmaps, and program updates to senior leadership and stakeholders
• Recruit, hire, and retain top detection engineering talent
• Review and approve detection logic for accuracy, performance, and coverage
• Maintain awareness of emerging threats, attack techniques, and detection methodologies
• Collaborate with Threat Intelligence to translate threat research into actionable detections
• Partner with Incident Response to develop detections based on investigation findings
• Coordinate with IT and Engineering teams on log source onboarding and data quality
• Engage with compliance and risk teams to ensure regulatory detection requirements are met
• Design and execute comprehensive red team operations targeting Instacart's unique attack surface
• Develop annual red team roadmap aligned with business priorities and emerging threats to e-commerce platforms
• Collaborate with leadership to prioritize high-value targets and realistic threat scenarios
• Present findings and strategic recommendations to executive leadership
• Lead complex red team engagements simulating advanced persistent threats and organized cybercrime groups
• Conduct adversary emulation exercises based on threat intelligence relevant to retail, fintech, and logistics sectors
• Test security controls across cloud infrastructure, mobile applications, APIs, and internal networks
• Execute social engineering campaigns against employees, shoppers, and corporate functions
• Develop custom tooling, exploits, and tradecraft specific to Instacart's technology stack

Benefits

• Highly market-competitive compensation
• Remote work flexibility
• New hire equity grant and annual refresh grants