Staff Risk & Compliance Engineer, Third Party Risk Management


Remote job description

We're transforming the grocery industry

At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.

Instacart has become a lifeline for millions of people, and we're building the team to help push our shopping cart forward. If you're ready to do the best work of your life, come join our table.

Instacart is a Flex First team

There's no one-size-fits-all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work - whether it's from home, an office, or their favorite coffee shop - while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.


We're looking for experienced Third Party Risk Management leaders to join our fast-moving Governance, Risk, & Compliance (GRC) team. We work on a range of interesting and challenging products for our customers and internal teams, spanning our consumer apps, e-commerce sites, in-store, and advertising businesses.

At Instacart, our team works together to protect our customers, understand their needs and communicate with external and internal stakeholders transparently on our security program posture. This is a great opportunity for someone who wants to have a large sense of ownership, grow extraordinarily in their career, be customer-facing to our retailers and articulate our security stance and vision.

About the Team

You are joining our GRC team to take the reins of our customer and vendor trust program. We've built out the foundations of the program and are looking for a central leader to implement improvements. The GRC & Security Engineering teams at Instacart are peer organizations reporting to our Chief Information Security Officer, which allows us to make quick and impactful decisions to support the needs of our customers. We partner with:

  • Trust & Safety Team - Operates significant portions of our Third Party Risk Management capabilities and serves as a first line of defense in close coordination with this role.
  • Legal - Helps us understand retailer expectations, implement those into our processes and mitigate risks within our relationship agreements.
  • Business and Partnership Development - For driving growth opportunities and identifying the best approaches to mitigate our risk.
  • Security - App Sec and Infra Sec are our regular collaborators with open lines of communication.
  • Product - Understanding our product and capabilities is paramount. With this wide view of the suite of Instacart's current and upcoming products, you will have comprehensive knowledge of Instacart's platform of offerings.
  • Procurement - Integrate vendor and integration risk assessment into our procurement platforms and processes. Collaborate on stakeholder requests.


  • Be responsible for assessing current state and developing a vision and target state for the program
  • Lead the development and implementation of new and enhanced systems, procedures, processes, data collection, and administration of third party risk processes
  • Build relationships with external customers, business development, and product to understand our roadmap and emerging risks and requirements.
  • Build and manage our third party risk activities to identify and assess risks associated with existing and new vendor relationships by conducting thorough due diligence reviews
  • Continuously monitor third party relationships for any relevant changes to the risk level or engagement scope
  • Coordinate and lead cross functional operations and projects to implement change to better manage our 3rd and 4th party risks
  • Ensure holistic and accurate reporting of third party risk exposure
  • Coordinate and report all aspects of the 3rd Party Risk Management Program to leadership and other stakeholders


Minimum Qualifications

  • 10+ years of work experience in consulting, business operations, technical program management or other operational disciplines.
  • 4+ years experience in Third Party Risk Management with a demonstrated track record of relationship management, process design and risk mitigation
  • Excellent analytical and problem-solving skills.
  • Excellent communication skills (verbal and written), ability to influence without authority.
  • Demonstrated teamwork and collaboration skills, in particular in leading or contributing to global and multi-functional teams.

Preferred Qualifications

  • Bachelor's or Master's degree in a related discipline or equivalent practical experience
  • Experience in process design and process improvement in a complex cross-functional environment
  • Experience working with industry frameworks (Service Organization Controls Reporting, ISO 27001, etc)
  • Experience performing security site audits for Business Process Outsourcers
  • Experience with contract reviews and contractual standards for information technology
  • Experience working in a SaaS first company and software development organization
  • Experience influencing stakeholders and engineers
  • Experience managing remote contract resources
  • Proven track record of delivering organizational and process changes
  • Ability to balance risks in ambiguous and complex situations.


Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Please review our Flex First remote work policy here.

Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants. Please read more about our benefits offerings here.

For US based candidates, the base pay ranges for a successful candidate are listed below.

$216,600-$275,000 USD

$207,000-$264,000 USD

$199,000-$253,000 USD

All other states
$179,000-$228,000 USD

Company name: Instacart
Remote job title: Staff Risk & Compliance Engineer, Third Party Risk Management
Job tags: Process Improvement, ISO 27001, Compliance
