Senior Security Engineer - Detection and Response

About the team:

The preferred location for this position is in or around Robinhood's offices in Menlo Park, CA, New York, NY, or Seattle, WA with in-office work capabilities, as may be required by management.

The Detection and Response Team (D&R) at Robinhood exemplifies our Safety First value by building and operating services that protect our customers' security and privacy. D&R consists of the Detection Platform and Incident Response teams, who work together to detect and assess threats, collect and analyze data, and respond to events. Together, we ensure the effectiveness of our safeguards and the continuous protection of our customer's data.

We are searching for an inquisitive and innovative Security Engineer with a passion for building detection strategies, conducting threat-hunting exercises, automating the mundane, and leading responses to security incidents against the full breadth of Robinhood's technology stack.

We want to talk to you if you're interested in being part of an impactful and inclusive team built on teamwork that encourages your diverse ideas and perspectives.

What you'll do day-to-day:

• Research attacker tactics, techniques, and procedures (TTPs) and craft detections to quickly identify and contain potential security threats
• Work with our Threat Intel and Offensive Security teams to stay ahead of emerging threats and understand where our risks and gaps exist
• Respond to security events, triage, perform investigations, incident analysis, and communicate clearly and efficiently to partners
• Participate in an on-call rotation

About you:

• Are innately curious and are skilled at finding hidden signals in a sea of data
• Possess a breadth of knowledge and experience across the information security domain, such as endpoint security, cloud security, application security, or automation
• 5+ years of experience in security operations, threat detection, incident response, or related domains

Bonus points:

• Experience detecting or responding to threats in Kubernetes (K8s), AWS, and Linux environments
• Proficiency in using Splunk, or similar tools to build sophisticated detections
• Experience in threat hunting
• Comfortable scripting in Python, Go, Bash, etc.

Technologies we use:

• Amazon Web Services (AWS), Kubernetes
• Splunk, Tines, Falco, Databricks, EDR, osquery

The expected salary range for this role is based on the location where the work will be performed and is aligned to one of 3 compensation zones. This role is also eligible to participate in a Robinhood bonus plan and Robinhood’s equity plan.

US Zone 1: $187000 - $220000
US Zone 2: $165000 - $194000
US Zone 3: $146000 - $172000