Senior Risk & Compliance Engineer

Overview

About the Role -

Join Instacart's dynamic Governance Risk and Compliance (GRC) team as a Senior Risk & Compliance Engineer. In this impactful role, you will identify and mitigate technology and business risks across Security, Financial Systems and Platforms, and Privacy. Your work will help safeguard Instacart's critical operations, data integrity, and regulatory compliance. Leveraging an engineering mindset, you'll innovate beyond traditional compliance approaches, using automation and continuous improvement techniques to reduce risk while enhancing operational efficiency.

About the Team - 

Our GRC team works within the Chief Information Security Organization (CISO), partnering closely with Security, Infrastructure and Product Engineering as well as cross-functional teams in Legal and Finance. Together, we tackle risks associated with data integrity, financial systems, security compliance, and privacy regulations. Guided by Instacart's values of collaboration and ownership, we take pride in fostering a "Go Far Together" spirit, emphasizing proactive problem-solving and collective accountability.

About the Job -

You’ll play a leading role in influencing Instacart’s GRC strategies and practices by:

• Designing, building, consulting and optimizing risk-based controls across Security, Financial Systems, and Privacy domains, with a focus on automation and continuous monitoring.
• Driving rationalization and standardization of controls across multiple compliance frameworks (e.g., SOX, SOC 2, PCI, HIPAA, Privacy regulations).
• Collaborating with Internal and External Audit teams to streamline audit processes, ensuring readiness and well-organized evidence.
• Supporting the development and implementation of GRC tooling and automation to improve evidence collection, control monitoring, and reporting through scalable, efficient processes.
• Building partnerships with Engineering, Product, Legal, and Finance teams to integrate compliance considerations into their workflows and foster a shared responsibility model.
• Identifying and addressing emerging risks with a deep understanding of Instacart’s business and technology landscape.

About You

Minimum Qualifications

You have a strong technical foundation and a passion for modernizing risk and compliance practices.

• BA/BS Degree in Computer Science, Engineering, Management Information Systems, or a related field (or equivalent practical experience).
• 5+ years of professional experience in Compliance Engineering, Big 4 Consulting/Auditing, GRC, Financial Systems, Security, and/or Privacy compliance within the technology industry.
• Proven expertise in designing, implementing, and monitoring controls across technology domains (e.g., access management, change management, data security, privacy).
• Deep understanding of risk management principles, with the ability to effectively assess, prioritize, and mitigate risks.
• Excellent verbal and written communication skills, as well as collaboration skills that influence stakeholders across teams and levels.
• Demonstrated ability to lead cross-functional initiatives and thrive in a fast-paced, evolving environment.

Preferred Qualifications

• Familiarity with compliance automation solutions and GRC tools.
• Experience with cloud platforms like AWS or GCP and modern development practices (e.g., DevOps, CI/CD).
• Expertise in mapping and identifying common controls across multiple compliance frameworks.
• Relevant certifications such as CISA, CISM, CPA, CISSP, or equivalent.
• Experience building data reconciliation or data quality monitoring solutions.
• A proactive, forward-thinking approach with a passion for automating manual processes and tackling GRC challenges creatively.