Senior Threat Hunting Engineer

<div class="content-intro"><p><strong>We're transforming the grocery industry</strong></p> <p><span class="im">At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.</span></p> <p>Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.</p> <p><strong>Instacart is a Flex First team </strong></p> <p>There’s no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. <a href="https://instacart.careers/remote/" target="_blank" data-saferedirecturl="https://www.google.com/url?q=https://instacart.careers/remote/source=gmailust=1651869232122000usg=AOvVaw37OlxP8hAKN7nq4YwHQH7e">Learn more about our flexible approach to where we work.</a></p></div><p><strong>Overview</strong></p> <p>Join Instacart's Incident Response organization as a Senior Threat Hunting Engineer, where you'll proactively hunt for threats across our complex infrastructure, conduct deep-dive forensic investigations, and build comprehensive attack timelines. This role requires an expert-level practitioner who can identify sophisticated adversaries, analyze attack patterns, and provide critical intelligence to protect our platform and users.</p> <p>You will work closely with Engineering, Detection, Red Team, Fraud, Trust Safety, and Legal to ensure Instacart understands its threat landscape and can rapidly respond to malicious activity.</p> <p>Instacart’s Security team protects our products, infrastructure, and ecosystem. We combine strong technical expertise, data-driven insights, and a proactive approach to keep our platform safe. Our Threat hunting function provides strategic, operational, and tactical intelligence to support decision‑making and improve detection, response, and resilience.</p> <p> </p> <p><strong>About the Job</strong></p> <p>Proactive Threat Hunting</p> <ul> <li>Design and execute hypothesis-driven threat hunting campaigns across cloud infrastructure, applications, and endpoints</li> <li>Identify anomalous behaviors, TTPs (Tactics, Techniques, and Procedures), and indicators of compromise (IOCs)</li> <li>Hunt for advanced persistent threats (APTs), insider threats, and supply chain compromises</li> <li>Develop custom detection logic and hunting queries (KQL, SPL, SQL) for SIEM and EDR platforms</li> <li>Continuously improve hunting methodologies based on emerging threat intelligence</li> </ul> <p>Incident Response Forensics</p> <ul> <li>Conduct comprehensive cyber forensic investigations across Linux, Windows, macOS, containers, and cloud environments</li> <li>Perform memory forensics, disk analysis, network traffic analysis, and log correlation</li> <li>Preserve and analyze digital evidence following chain-of-custody procedures</li> <li>Determine root cause, attack vectors, and lateral movement paths</li> </ul> <p><strong>About You</strong></p> <p>Minimum Qualifications</p> <ul> <li>6+ years in cybersecurity with 4+ years focused on threat hunting, incident response, or digital forensics</li> <li>Relevant certifications: GCFA, GCFE, GNFA, GREM, OSCP, GCIA, or similar</li> <li>Hands-on experience with major security incidents and breach investigations</li> <li>Deep understanding of attacker TTPs across the cyber kill chain</li> <li>Experience in hig ... (truncated, view full listing at source)