Senior Offensive Security Engineer

About the team + role

Robinhood is looking for an Offensive Security Engineer to join the Red Team—a core function within the Offensive Security team and the broader Safety & Productivity Engineering organization. Our team leverages Red Teaming and Adversarial Simulation to evaluate security controls, surface real-world risks, and continuously harden Robinhood’s platforms, properties, and people!

You’ll play a hands-on role in validating assumptions, executing stealth simulations, and improving Robinhood’s ability to detect and respond to sophisticated adversaries. This role partners deeply with Detection & Response, Physical Security, and Engineering to help shape secure systems through threat modeling, pen testing, and research-driven tactics.

The role is located in the office location(s) listed on this job description which will align with our in-office working environment. Please connect with your recruiter for more information regarding our in-office philosophy and expectations.

What you’ll do

• Evangelize the Offensive Security Team’s Findings and Projects with stakeholders throughout the company and collaborate with other teams to create solutions that balance security with other priorities.
• Mentor and provide guidance to the members of the Offensive Security team.
• Utilize threat modeling to identify threats and shape Red Team priorities and exercises.
• Plan and execute long term, broadly scoped, black box Red Team exercises utilizing vulnerability research, exploit development, and utilizing public proof of concept code.
• Perform penetration testing, code reviews, and design/architecture reviews.
• Write tooling to assist with and automate Red Team assessments.
• Plan and participate in Adversarial Simulation exercises with various security teams.
• Lead Security Incidents when Pentest or Red Team findings require them.
• Publish blog posts and present talks at security conferences.

What you bring

• 5+ years of red teaming or offensive security experience, with a proven track record of driving impactful outcomes
• Strong mentorship experience and a passion for developing others
• Excellent communication skills—able to articulate complex security risks across technical and executive audiences
• Hands-on experience with MacOS and Linux systems, and familiarity with DNS, TCP/IP, and related protocols
• Experience attacking and securing cloud platforms (AWS, GCP), CI pipelines, and container orchestration systems (Docker, Kubernetes)
• Ability to evade modern defensive tools and understand t