About the job
We're transforming the grocery industry
At Instacart, we invite the world to share love through food because we believe everyone should have access to the food they love and more time to enjoy it together. Where others see a simple need for grocery delivery, we see exciting complexity and endless opportunity to serve the varied needs of our community. We work to deliver an essential service that customers rely on to get their groceries and household goods, while also offering safe and flexible earnings opportunities to Instacart Personal Shoppers.
Instacart has become a lifeline for millions of people, and we’re building the team to help push our shopping cart forward. If you’re ready to do the best work of your life, come join our table.
Instacart is a Flex First team
There’s no one-size fits all approach to how we do our best work. Our employees have the flexibility to choose where they do their best work—whether it’s from home, an office, or your favorite coffee shop—while staying connected and building community through regular in-person events. Learn more about our flexible approach to where we work.
Overview
About the Role
Join Instacart's fast-moving Governance Risk and Compliance (GRC) team as a Senior Privacy Compliance Engineer II. In this role, you'll work on a range of challenging problems across technology risk domains, impacting Instacart's privacy posture and engineering culture. By protecting the data of customers, shoppers, and Retail & CPG partners, you're ensuring a secure shopping platform while advocating for user-centric, privacy-compliant solutions. This role offers a unique opportunity for significant ownership and substantial career growth, alongside the development of cross-functional, technical, and soft skills.
About the Team
The Privacy program is a cross-functional team including Legal, Engineering, and Operations teams that lead the development of privacy-focused features with our product and infrastructure teams. To accomplish this you'll work within the GRC risk pillar for Data Usage to define broader strategies and execute these strategies across cross functional domains for multiple products and systems. You'll help define team processes and act as an external representative for B2B customers, making a vital contribution to Instacart's privacy initiatives.
About the Job
- Translate legal and regulatory privacy requirements for product and engineering teams with a user-first approach.
- Lead the synthesis of requirements into a unified roadmap for privacy compliance, driving execution across cross-functional teams.
- Develop and run operational programs with privacy-by-design principles, collaborating with legal, operations, product, and engineering teams.
- Create concise requirements to automate privacy controls and compliance obligations.
- Provide compliance guidance to product, business, and engineering teams.
- Communicate privacy program scope to customers and stakeholders through active collaboration and leadership.
- Own the execution of regular privacy assessments, identifying and mitigating risks with effective tools, training, and guidance.
- Lead updates on the program progress and issues with Steering Committee executive stakeholders.
About You
Minimum Qualifications
- 7+ years of experience in consulting, business operations, technical program management, or other operational roles.
- 4+ years in program management with a proven track record in executing large-scale technical programs.
- Experience with privacy data protection legislation and/or regulations.
- Exceptional analytical, problem-solving, and communication skills (verbal and written).
- Ability to influence without authority and collaborate in multi-functional teams.
Preferred Qualifications
- Bachelor's or Master's degree in a related discipline or equivalent practical experience.
- Experience in a technical cloud environment, preferably AWS.
- Background in an Advertising business line.
- Proven ability to deliver significant product, organizational, or process changes.
- Capacity to balance risks in complex situations.
- Skills in process design and improvement in cross-functional environments.
- Experience with industry frameworks, such as ISO 27001 or NIST Privacy Framework.
- Expertise in end-to-end data lifecycle governance.
Instacart provides highly market-competitive compensation and benefits in each location where our employees work. This role is remote and the base pay range for a successful candidate is dependent on their permanent work location. Please review our Flex First remote work policy here.
Offers may vary based on many factors, such as candidate experience and skills required for the role. Additionally, this role is eligible for a new hire equity grant as well as annual refresh grants. Please read more about our benefits offerings here.
For US based candidates, the base pay ranges for a successful candidate are listed below.
How to apply?
Privacy Policy
At Remotexo, accessible from https://www.remotexo.com, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information that is collected and recorded by Remotexo and how we use it.
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.
This Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in Remotexo. This policy is not applicable to any information collected offline or via channels other than this website.
Consent
By using our website, you hereby consent to our Privacy Policy and agree to its terms.
Information we collect
The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.
If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number.
How we use your information
We use the information we collect in various ways, including to:
- Provide, operate, and maintain our website
- Improve, personalize, and expand our website
- Understand and analyze how you use our website
- Develop new products, services, features, and functionality
- Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
- Send you emails
- Find and prevent fraud
Log Files
Remotexo follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.
Cookies and Web Beacons
Like any other website, Remotexo uses 'cookies'. These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.
For more general information on cookies, please read the Cookies article on TermsFeed website.
Advertising Partners Privacy Policies
You may consult this list to find the Privacy Policy for each of the advertising partners of Remotexo.
Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on Remotexo, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.
Note that Remotexo has no access to or control over these cookies that are used by third-party advertisers.
Third Party Privacy Policies
Remotexo's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.
CCPA Privacy Rights (Do Not Sell My Personal Information)
Under the CCPA, among other rights, California consumers have the right to:
Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.
Request that a business delete any personal data about the consumer that a business has collected.
Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
GDPR Data Protection Rights
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
Children's Information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Remotexo does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
Our Social Presence