Senior Risk and Compliance Automation Engineer
We're transforming the grocery industry
At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.
Instacart has become a lifeline for millions of people, and weâre building the team to help push our shopping cart forward. If youâre ready to do the best work of your life, come join our table.
Instacart is a Flex First team
Thereâs no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best workâwhether itâs from home, an office, or your favorite coffee shopâwhile staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.
Overview
Instacart is hiring a Senior Risk & Compliance Automation Engineer to scale its Governance, Risk & Compliance (GRC) program through engineered automation. This senior individual contributor role emphasizes engineering and leverage GRC background to design and build end-to-end automation systems â including evidence pipelines, real-time control checks, automated workflows, dashboards, and risk data pipelines. Youâll partner with GRC subject matter experts to confirm requirements and create scalable systems they can operate independently, while serving as the automation SME for troubleshooting, system design, and expanding capabilities. Early priorities focus on automating compliance across the Common Controls Framework and core GRC processes to improve efficiency, effectiveness, and data quality. The role also to establish structured, automation-ready risk data foundations that support reporting, KRIs, control maturity insights, and scenario-ready datasets.
About the Job
In this role, you will:
⢠Design and build automation for GRC processes, including evidence collection, control validations, realâtime control effectiveness checks, and broader GRC workflows (e.g., risk register, Third Party Risk assessments, enterprise systems controls definition).
⢠Use AIânative tools (Cursor, Claude Code, MCP integrations) to rapidly build recurring scripts, agents, and automations, prioritizing speed and scalability.
⢠Build integrations across Snowflake, Databricks, Jira, GitHub, Okta, cloud APIs, and internal systems to unify and automate control evidence.
⢠Design data pipelines that aggregate and normalize riskârelevant data across Snowflake, Databricks, Jira, GitHub, Okta, and security tooling to support KRIs, controlâmaturity insights, and risk dashboards.
⢠Build dashboards and operational views that present risk trends, scenario inputs, and controlâmaturity indicators alongside auditâreadiness status.
⢠Mentor and upskill GRC teammates on automation patterns, enabling them to run and maintain systems.
⢠Serve as the SME for automated workflows when issues arise, partnering with GRC team members to validate expected behavior and troubleshoot gaps.
⢠Develop vendorâagnostic automation solutions, using orchestration tools where helpful but writing custom code when needed.
⢠Contribute to scalable onboarding of new subsidiaries by templating automation patterns that apply across diverse business units.
About You
You have a strong technical foundation and a passion for modernizing risk and compliance practices.
Minimum Qualifications
⢠BS Degree in Computer Science or Engineering, or a related field (or equivalent practical experience).
⢠8+ years in compliance automation, backend engineering, SRE, GRC engineering, or similar technical fields.
⢠Strong experience in Python, SQL, and SaaS/cloud API integrations (Snowflake, Databricks, AWS, Okta, Jira, GitHub).
⢠Demonstrated ability to automate GRC processes (evidence pipelines, control checks, dashboards, or similar).
⢠Experience building data pipelines or structured reporting for risk, security, or compliance programs.
⢠AIânative working style; daily use of Cursor, Claude Code, MCP workflows, or equivalent.
⢠Experience building recurring automations that are reliable but not necessarily productionâgrade (scripts, agents, services).
⢠Understanding of security and compliance frameworks (SOC2, PCI, ISO27001, NIST CSF, privacy).
Preferred Qualifications
⢠Experience with GRC automation platforms (e.g., Tines, ZenGRC, Hyperproof, Drata, or equivalent).
⢠Familiarity with risk metrics, scenario modeling inputs, or controlâmaturity frameworks (not required to perform quantification).
⢠Experience automating controls across multiâsubsidiary or multiâproduct environments.
⢠Comfort with policyâasâcode concepts or infrastructure scanning patterns.
⢠Familiarity with realâtime control monitoring and drift detection.
⢠Experience building dashboards for security/compliance programs.
Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Please review our Flex First remote work policy here.
Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants. Please read more about our benefits offerings here.
For US based candidates, the base pay ranges for a successful candidate are listed below.
CA, NY, CT, NJ
$218,000â$230,000 USD
WA
$209,000â$220,500 USD
OR, DE, ME, MA, MD, NH, RI, VT, DC, PA, VA, CO, TX, IL, HI
$200,000â$211,000 USD
All other states
$182,000â$192,000 USD
Apply tot his job
Apply To this Job
At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.
Instacart has become a lifeline for millions of people, and weâre building the team to help push our shopping cart forward. If youâre ready to do the best work of your life, come join our table.
Instacart is a Flex First team
Thereâs no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best workâwhether itâs from home, an office, or your favorite coffee shopâwhile staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.
Overview
Instacart is hiring a Senior Risk & Compliance Automation Engineer to scale its Governance, Risk & Compliance (GRC) program through engineered automation. This senior individual contributor role emphasizes engineering and leverage GRC background to design and build end-to-end automation systems â including evidence pipelines, real-time control checks, automated workflows, dashboards, and risk data pipelines. Youâll partner with GRC subject matter experts to confirm requirements and create scalable systems they can operate independently, while serving as the automation SME for troubleshooting, system design, and expanding capabilities. Early priorities focus on automating compliance across the Common Controls Framework and core GRC processes to improve efficiency, effectiveness, and data quality. The role also to establish structured, automation-ready risk data foundations that support reporting, KRIs, control maturity insights, and scenario-ready datasets.
About the Job
In this role, you will:
⢠Design and build automation for GRC processes, including evidence collection, control validations, realâtime control effectiveness checks, and broader GRC workflows (e.g., risk register, Third Party Risk assessments, enterprise systems controls definition).
⢠Use AIânative tools (Cursor, Claude Code, MCP integrations) to rapidly build recurring scripts, agents, and automations, prioritizing speed and scalability.
⢠Build integrations across Snowflake, Databricks, Jira, GitHub, Okta, cloud APIs, and internal systems to unify and automate control evidence.
⢠Design data pipelines that aggregate and normalize riskârelevant data across Snowflake, Databricks, Jira, GitHub, Okta, and security tooling to support KRIs, controlâmaturity insights, and risk dashboards.
⢠Build dashboards and operational views that present risk trends, scenario inputs, and controlâmaturity indicators alongside auditâreadiness status.
⢠Mentor and upskill GRC teammates on automation patterns, enabling them to run and maintain systems.
⢠Serve as the SME for automated workflows when issues arise, partnering with GRC team members to validate expected behavior and troubleshoot gaps.
⢠Develop vendorâagnostic automation solutions, using orchestration tools where helpful but writing custom code when needed.
⢠Contribute to scalable onboarding of new subsidiaries by templating automation patterns that apply across diverse business units.
About You
You have a strong technical foundation and a passion for modernizing risk and compliance practices.
Minimum Qualifications
⢠BS Degree in Computer Science or Engineering, or a related field (or equivalent practical experience).
⢠8+ years in compliance automation, backend engineering, SRE, GRC engineering, or similar technical fields.
⢠Strong experience in Python, SQL, and SaaS/cloud API integrations (Snowflake, Databricks, AWS, Okta, Jira, GitHub).
⢠Demonstrated ability to automate GRC processes (evidence pipelines, control checks, dashboards, or similar).
⢠Experience building data pipelines or structured reporting for risk, security, or compliance programs.
⢠AIânative working style; daily use of Cursor, Claude Code, MCP workflows, or equivalent.
⢠Experience building recurring automations that are reliable but not necessarily productionâgrade (scripts, agents, services).
⢠Understanding of security and compliance frameworks (SOC2, PCI, ISO27001, NIST CSF, privacy).
Preferred Qualifications
⢠Experience with GRC automation platforms (e.g., Tines, ZenGRC, Hyperproof, Drata, or equivalent).
⢠Familiarity with risk metrics, scenario modeling inputs, or controlâmaturity frameworks (not required to perform quantification).
⢠Experience automating controls across multiâsubsidiary or multiâproduct environments.
⢠Comfort with policyâasâcode concepts or infrastructure scanning patterns.
⢠Familiarity with realâtime control monitoring and drift detection.
⢠Experience building dashboards for security/compliance programs.
Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Please review our Flex First remote work policy here.
Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants. Please read more about our benefits offerings here.
For US based candidates, the base pay ranges for a successful candidate are listed below.
CA, NY, CT, NJ
$218,000â$230,000 USD
WA
$209,000â$220,500 USD
OR, DE, ME, MA, MD, NH, RI, VT, DC, PA, VA, CO, TX, IL, HI
$200,000â$211,000 USD
All other states
$182,000â$192,000 USD
Apply tot his job
Apply To this Job