Senior Incident Commander
Instacart is seeking an experienced Senior Incident Commander to join our Security Incident Response team. In this critical role, you'll serve as a key responder and coordinator for security incidents, including data breaches and privacy events. You'll work at the intersection of technical investigation, executive communication, and cross-functional coordination to protect our customers, partners, and business.
About the Job
Lead Incident Response: Serve as incident commander for security incidents, coordinating response efforts across technical teams, legal, communications, privacy, and executive leadership.
Breach Management: Manage end-to-end breach response activities, including containment, eradication, recovery, and post-incident analysis.
Privacy Incident Handling: Lead privacy-related incidents with expertise in regulatory requirements (GDPR, CCPA, etc.), working closely with Privacy and Legal teams on notification obligations.
Executive Communication: Translate complex technical incidents into clear, actionable briefings for C-level executives and board members.
Stakeholder Coordination: Partner with Legal, Communications, Privacy, Customer Support, and other teams to ensure coordinated incident response.
Process Improvement: Continuously refine incident response playbooks, procedures, and escalation paths based on lessons learned.
Tabletop Exercises: Design and facilitate incident response exercises to maintain team readiness.
About You
Minimum Qualifications:

• 7+ years of hands-on security incident response experience
• Proven track record managing data breaches and security incidents from detection through resolution
• Privacy incident expertise: Direct experience handling privacy incidents, including regulatory notifications and working with Data Protection Authorities
• Executive communication skills: Demonstrated ability to brief C-suite executives and board members during high-pressure situations
• Cross-functional leadership: Experience coordinating with Legal, Communications, Privacy, and other non-technical stakeholders during incidents
• Strong understanding of incident response frameworks (ISO/IEC 27035-2:2023, etc.)
• Knowledge of common attack vectors, TTPs, and threat actor methodologies
• Experience with security tools (SIEM, EDR, forensics platforms)
• Understanding of privacy regulations (GDPR, CCPA, HIPAA, etc.)

Preferred Qualifications:

• Industry certifications such as GCIH, GCFA, GCIA, CISSP, or CISM
• Experience in e-commerce, retail, or marketplace environments
• Background in digital forensics and malware analysis
• Experience with cloud security (AWS, GCP)
• Familiarity with threat intelligence platforms and frameworks (MITRE ATT&CK)

Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants.