Our mission is to democratize finance for all.

An estimated $124 trillion of assets will be inherited by younger generations in the next two decades. The largest transfer of wealth in human history.

If you’re ready to be at the epicenter of this historic cultural and financial shift, keep reading.

About the team + role

We are building an elite team, applying frontier technologies to the world’s biggest financial problems. We’re looking for bold thinkers. Sharp problem-solvers. Builders who are wired to make an impact.

Robinhood isn’t a place for complacency, it’s where ambitious people do the best work of their careers.

We’re a high-performing, fast-moving team with ethics at the center of everything we do. Expectations are high, and so are the rewards.

The Red Team team’s mission is to proactively identify and simulate real-world threats against Robinhood’s platforms, properties, and people.

Through red teaming and adversarial simulations, the team evaluates security controls, uncovers vulnerabilities, and helps continuously strengthen Robinhood’s overall security posture in close partnership with Detection & Response, Physical Security, and Engineering.

As a Staff Offensive Security Engineer, you will take a hands-on role in designing and executing stealthy adversarial simulations to validate assumptions and uncover gaps in detection and response.

You’ll leverage threat modeling, penetration testing, and research-driven techniques to emulate sophisticated attackers, while collaborating cross-functionally to improve defenses and shape more secure systems.

This role is based in our Toronto, Canada office(s), with in-person attendance expected at least 3 days per week.

At Robinhood, we believe in the power of in-person work to accelerate progress, spark innovation, and strengthen community.

Our office experience is intentional, energizing, and designed to fully support high-performing teams.

What you’ll do

• Plan and execute red team operations, adversarial simulations, and penetration tests across applications, infrastructure, networks, offices, and internal processes.

• Perform threat modeling for new and existing services, clearly articulating security risks and tradeoffs to engineering and risk stakeholders.

• Conduct vulnerability research, exploit development, and testing using both custom tooling and public proof-of-concept techniques.

• Partner with detection and response teams to simulate realistic attack scenarios and evaluate monitoring and incident response readiness.

• Write and maintain tooling to automate and scale offensive security assessments.

• Serve as a subject matter expert by documenting findings, recommending remediation strategies, and supporting teams through fixes.

• Mentor teammates and contribute to shared knowledge through internal documentation, presentations, and external talks or blog posts.

What you bring

• 8+ years of hands-on experience in red teaming, offensive security, or penetration testing.

• Demonstrated experience mentoring or guiding other security engineers.

• Strong understanding of threat modeling methodologies and the MITRE ATT&CK framework.

• Experience testing modern environments, including cloud platforms (AWS, GCP), containerized systems (Docker, Kubernetes), CI pipelines, and identity systems.

• Working knowledge of defensive security tools such as IDS/IPS, EDR, packet capture, and network monitoring, including common evasion techniques.

• Proficiency in Python, Go, or JavaScript for exploit development, tooling, or automation.

• Clear written and verbal communication skills, with the ability to explain technical findings to both engineers and senior leaders.

• Experience collaborating with distributed teams and documenting work through tools such as Slack, Jira, GitHub, and email.

Bonus points:

• Experience working in financial technology or regulated environments.

• Prior experience serving as a technical lead on security initiatives.

What we offer

• Challenging, high-impact work to grow your career

• Performance driven compensation with multipliers for outsized impact, bonus programs, and equity ownership

• Top tier benefits to fuel your work, including supplemental health insurance, ancillary insurance, and mental health support programs

• Lifestyle wallet - a highly flexible employer-paid benefits spending account expenses beyond traditional benefits such as wellness, childcare, learning, and more.

• Time off to recharge including company holidays, paid time off, sick time, paid volunteer time off, parental leave, and more!

• Exceptional office experience with catered meals, events, and comfortable workspaces.

• Monthly commuter stipend to help offset in-office commuting costs

XML job scraping automation by YubHub

Our mission is to democratize finance for all. An estimated $124 trillion of assets will be inherited by younger generations in the next two decades. The largest transfer of wealth in human history. If you’re ready to be at the epicenter of this historic cultural and financial shift, keep reading.

We are building an elite team, applying frontier technologies to the world’s biggest financial problems. We’re looking for thoughtful problem-solvers and builders who want to make a meaningful contribution. Robinhood is a place where people take ownership of their work and help improve financial access for all. We operate with high standards, clear accountability, and a strong focus on security and ethics in everything we build!

The Red Team’s mission is to identify and reduce real-world security risks across Robinhood by simulating adversary behaviour and testing defenses. As a Staff Offensive Security Engineer, you will plan and execute security assessments across applications, infrastructure, and physical environments, and partner closely with engineering and security teams to strengthen detection and response capabilities. You will help prioritise risk, contribute to remediation efforts, and develop tools and techniques that improve how we test and secure our systems. Your work will directly support the safety and reliability of products used by millions of customers.

This role is based in our Menlo Park, CA office, with in-person attendance expected at least 3 days per week.

At Robinhood, we believe in the power of in-person work to accelerate progress, spark innovation, and strengthen community. Our office experience is intentional, energising, and designed to fully support high-performing teams.

What you’ll do

• Evangelise the Offensive Security Team’s Findings and Projects with stakeholders throughout the company and collaborate with other teams to create solutions that balance security with other priorities.

• Mentor and provide guidance to the members of the Offensive Security team.

• Plan and execute red team exercises, including long-term assessments that simulate real-world attack scenarios

• Perform threat modelling and penetration testing across applications, infrastructure, and corporate environments

• Develop scripts and tools to support and automate security testing activities

• Partner with detection and response teams to run adversarial simulations and improve incident readiness

• Communicate findings clearly and work with engineering teams to remediate identified risks

• Lead Security Incidents when Pentest or Red Team findings require them.

• Plan and participate in Adversarial Simulation exercises with various security teams.

What you bring

• 8+ years of experience conducting red team operations or advanced penetration testing

• Experience mentoring or supporting the development of other security engineers

• Passion and demonstrated experience for challenging security assumptions.

• Excellent written and verbal communication skills and ability to communicate your findings at many different levels of abstraction from Engineers to Executives.

• Passion for fixing security issues and not just identifying security issues.

• Familiarity with common network protocols and standards such as DNS and TCP/IP.

• Experience with MacOS and Linux.

• Experience with leveraging components of a modern software development stack to attack companies, including CI, container orchestration systems (Kubernetes/Docker), cloud providers (AWS, GCP), etc and be able to give hardening suggestions.

• Experience/knowledge of defensive tools/techniques (IDS/IPS, Packet Capture, Network Analysis, AV, EDR, etc.) and how to evade them.

• Deep understanding of Mitre’s ATT&CK Framework.

• Strong understanding of the security fundamentals of access and identity.

• Comfortable reading / writing python, go, and javascript.

• Ability to research and execute a testing plan to access a new technology or process.

• Demonstrated experience working with a distributed team.

• Proficiency to communicate over a text-based medium (Slack, JIRA Issues, GitHub issues, & Email) and can succinctly document technical details.

Bonus Points

• Experience in the Financial Technology domain.

• Experience being a technical lead at other organisations.

What we offer

• Market competitive and pay equity-focused compensation structure

• 100% paid health insurance for employees with 90% coverage for dependents

• Annual lifestyle wallet for personal wellness, learning and development, and more!

• Lifetime maximum benefit for family forming and fertility benefits

• Dedicated mental health support for employees and eligible dependents

• Generous time away including company holidays, paid time off, sick time, parental leave, and more!

• Lively office environment with catered meals, fully stocked kitchens, and geo-specific commuter benefits

In addition to the base pay range listed below, this role is also eligible for bonus opportunities + equity + benefits.

Base pay for the successful applicant will depend on a variety of job-related factors, which may include education, training, experience, location, business needs, or market demands. The expected base pay range for this role is based on the location where the work will be performed and is aligned to one of 3 compensation zones. For other locations not listed, compensation can be discussed with your recruiter during the interview process.

Base Pay Range:

Zone 1 (Menlo Park, CA; New York, NY; Bellevue, WA; Washington, DC)$217,000-$255,000 USD

Zone 2 (Denver, CO; Westlake, TX; Chicago, IL)$190,000-$224,000 USD

Zone 3 (Lake Mary, FL; Clearwater, FL; Gainesville, FL)$169,000-$199,000 USD

XML job scraping automation by YubHub