Senior Staff Risk & Compliance Engineer, IT SOX
United States - Remote
We're transforming the grocery industry
At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.
Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.
Instacart is a Flex First team
There’s no one-size-fits-all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.
Overview
About the Role
Join Instacart's fast-moving Governance Risk and Compliance (GRC) team as a Senior Staff IT Risk & Compliance Engineer. In this role, you'll work on a range of challenging problems across technology risk domains, impacting Instacart's financial and retailer data integrity reporting requirements.
This role will lead our second line of defense efforts, primarily in IT SOX controls. You will enhance accuracy and reliability in reporting, supporting our mission to serve customers, partners, and stakeholders with transparency and excellence. This role exemplifies our values of "Go Far Together" and "Roll Up Your Sleeves," as you work cross-functionally to design systems that empower everyone to succeed. This role is unique in that it will drive long-term efficiency and efficacy by designing and advocating for solutions within our in-house-built platform powering Instacart experiences and business systems.
About the Team
The GRC team designs, consults, advises and advocates for risk reduction as Instacart’s second line of defense technology risk function. We drive risk measurement and compliance certifications through collaboration with risk owners and audit assessments. We have a comprehensive mandate for technology-related risk across financial transaction and reporting systems, Information Security, Privacy and the Governance supporting these domains.
The IT SOX program is supported by control owners across our Product, Infrastructure, Security, IT, Financial Systems and People Tech teams. We work closely with Internal Audit to evaluate controls and effectively operate our external audit programs.
Within the GRC team we have team members focused on Data Integrity to support financial statements and leverage the tools we build to support additional customer focused Data Integrity mandates. The team sits under our CISO organization where we maintain close collaboration with Security Engineering.
About the Job
- Deeply understand our business to identify emerging business risks, embed compliance processes early, create consistency in our controls approach and re-use system primitives built to help us reduce risk. Communicate effectively with your key partners at the VP, Sr. Director, and Director levels.
- Champion effective production system design and remediation through scalable system designs that create efficient and effective control environments across complex homegrown marketplace and advertising systems.
- Develop a cohesive view of Financial Reporting risk with first and third line of defense functions including risk analysis, controls monitoring, improved tooling and high quality reporting for various stakeholder points of view.
- Drive a comprehensive IT SOX compliance program including planning, scoping, training, documenting processes, gap analysis and building process enhancements to mitigate risks and meet compliance requirements.
- Collaborate with internal and external audit teams to drive an efficient audit process with well coordinated test evidence collection across compliance mandates, communication and reporting.
- Drive GRC team strategy with teammates focused on data related risks to prioritize and sequence activities for effective risk reduction.
- Expand our Data Integrity primitives to our Business to Business reporting risks within our advertising and marketplace products for frameworks like MRC and SOC.
About You
Minimum Qualifications
- BA/BS Degree in Computer Science, Engineering, Management Information Systems, or related technical discipline, or equivalent practical experience
- 12+ years of professional experience in Compliance Engineering, Big 4 Consulting/Auditing, GRC, Financial Systems, and/or SOX experience in the technology industry
- 8+ years of experience with technology compliance in custom homegrown technology industry systems across domains such as IT Automated Controls, Access Management, Configuration Management, Change Management, Ads revenue, Information Security, etc.
- Ability to build compliance automation solutions, automated testing suites, and monitors using SQL, Python, Ruby and Terraform
- CISA, CISM, CPA, or CA certification
- Excellent communication skills (verbal and written), ability to influence without authority.
- Demonstrated teamwork and collaboration skills, in particular in leading across multiple business or product lines
Preferred Qualifications
- Experience building and implementing data reconciliation solutions for data pipelines and within datamarts (e.g., Snowflake, Databricks) for high transaction volume businesses
- Experience with SOX / internal metrics systems especially engineering / in-house systems, system flow related to internal metrics or revenue systems
- Experience with AWS and GCP environments
- Experience with CI/CD development tooling and systems
Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Please review our Flex First remote work policy here.
Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants. Please read more about our benefits offerings here.
For US based candidates, the base pay ranges for a successful candidate are listed below.