Trust & Safety Senior Associate, Information Security Ops

Overview

We're transforming the grocery industry. At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.

Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward.

About the Role

The InfoSec Ops Senior Associate will sit on Instacart’s InfoSec Ops team and report to the Trust & Safety manager over InfoSec Ops. You will collaborate cross‑functionally with GRC, Security, Procurement, Legal, Engineering, and other stakeholders in this role. You must be able to operate independently and with a high degree of confidentiality.

About the Team

Instacart's Trust & Safety department takes data‑driven, customer‑first approaches to ensure we are compliant with all local, state, and federal regulations regarding grocery fulfillment. The InfoSec Ops team focuses on keeping Instacart’s data and the systems it flows through safe at scale, from vendor risk management to internal access controls and beyond.

About the Job

• The InfoSec Ops Senior Associate will handle a variety of operational and program management tasks related to data privacy and information security. Responsibilities include handling cadenced tasks, high‑priority escalations, and some program management responsibilities. You will also take ownership of privacy and security readiness efforts for high‑visibility launches and manage competing priorities across several subject matter areas.
• Your operational responsibilities will include:
  • Evaluating vendors’ data collection practices and security postures; working with internal teams and vendor teams to understand the types of data each vendor would collect; communicating Instacart’s security and privacy requirements
  • Tracking and reporting metrics on InfoSec Ops initiatives
  • Assisting with large‑scale audit readiness efforts
  • Organizing, coordinating, and tracking cross‑functional privacy and security projects involving multiple stakeholder teams
  • Acting as the DRI representing Trust & Safety’s privacy and security operations teams in high‑visibility company‑wide initiatives, including expansions into new markets and product surfaces
• Your program management responsibilities will include:
  • Building and maintaining workflow documentation
  • Automating and monitoring recurring tasks using AI agents
  • Proactively coming up with ideas to improve operational efficiency
  • Identifying, tracking, and reporting success metrics
• We are looking for candidates with stellar written communication skills, business acumen, and a keen sense of situational awareness. You will need to navigate delicate situations with discretion and tact.
• As a member of a small operational team supporting a program with company‑wide impact, you will surface ideas for projects and process improvements and drive them to fruition. You will also be asked to take on data analysis tasks and metrics reporting.

About You

#LI-Remote

Minimum Qualifications

• 4+ years of experience within a Trust & Safety, risk, legal, or policy operations function, ideally one subject to legal, regulatory, or contractual obligations around sensitive data
• 2+ years taking on elevated responsibilities within such an environment
• Demonstrated ability to navigate ambiguity and show leadership on complex, high‑visibility operational workflows
• Track record of driving cross‑functional projects to completion
• Familiarity with information security and data privacy concepts and vocabulary
• Stellar written and verbal communication skills, including the ability to convey complex privacy and security issues clearly to internal and external stakeholders
• Composure and precision when operating in time‑sensitive or business‑critical situations
• Working understanding of business metrics and reporting

Preferred Qualifications

• Professional experience related to information security and data privacy operations, especially vendor risk management operations
• Familiarity with third party risk management frameworks
• CIPP/CIPM or SEC+ certification is a big plus

Compensation and Benefits

This role is remote and the base pay range depends on the employee’s permanent work location. For US‑based candidates, the base pay ranges are:

• CA, NY, CT, NJ: $95,000 – $100,000 USD
• WA: $91,000 – $96,000 USD
• OR, DE, ME, MA, MD, NH, RI, VT, DC, PA, VA, CO, TX, IL, HI: $86,000 – $91,000 USD
• All other states: $79,000 – $83,500 USD