- New York
- Menlo Park
- Denver, CO
- Date Posted
- Oct. 11, 2021
Join a leading fintech company that’s democratizing finance for all.
Robinhood was founded on a simple idea: that our financial markets should be accessible to all. With customers at the heart of our decisions, Robinhood is lowering barriers and providing greater access to financial information. Together, we are building products and services that help create a financial system everyone can participate in.
Just as we focus on our customers, we also strive to create an inclusive environment where our employees can thrive and do impactful work. We are proud of the competitive products and company culture we continue to build and have been recognized as:
- Glassdoor Best Places to Work 2020
- TIME100 Most Influential Companies 2021
- Fortune Best Workplaces in Financial Services & Insurance™ 2021 and Fortune Best Workplaces for Millennials™ 2021
- Check out life at Robinhood on The Muse!
About the team:
Robinhood’s Corporate Security team enables our workforce to execute with agility while not compromising security. To accomplish this, our Security Engineers focus on identifying the key risks, craft our security posture for our employees, and engineer control solutions to be applied at scale. Key areas of focus include endpoint security, network security, SaaS and 3rd party vendor security, identity governance, data protection controls, and more. Our approach is to implement & continuously validate strong controls through technical solutions & design reviews.
What you’ll do day-to-day:
Here are some examples of things our team focuses on:
- Implement endpoint & mobile security controls and attestation tooling for a diverse fleet
- Build secure access controls using modern-era tools and techniques (e.g. WebAuthn, SSH over HTTP, Ephemeral access)
- Build security tools and processes using Python for workforce infrastructure protection, monitoring, and remediation
- Utilize infrastructure management tooling (Puppet / Chef, Ansible, Salt, Terraform) to enable consistent hardening configs and code-driven security configurations in a multi-cloud, on-prem environment (e.g. GCP, Azure, AWS)
- Deploy Data Loss Prevention (DLP) solutions focusing on PII and PCI-related data that may be in SaaS applications (e.g. Google Workspace, Salesforce, Box)
- Service ownership of vulnerability management tools across multi-cloud and on-premise infrastructures to detect vulnerabilities and security misconfigurations
- Help craft the overall security strategy for M&As from due diligence through post-close integration and scale proactive controls to new environments
- Orchestrate security posture checks on all new infrastructure deployments
- Bachelor’s degree in Computer Science or a related technical field, or equivalent practical experience.
- 7+ years of relevant industry experience in the Corporate Security domain (endpoint security, DLP, SaaS security, identity governance, etc)
- Coding experience in one or more general purpose languages.
Previous experience in a FinTech or high-growth organization
We’re looking for more growth-minded and collaborative people to be a part of our journey in democratizing finance for all. If you’re ready to give 100% in helping us achieve our mission—we’d love to have you apply even if you feel unsure about whether you meet every single requirement in this posting. At Robinhood, we’re looking for people invigorated by our mission, values, and drive to change the world, not just those who simply check off all the boxes.
Robinhood’s benefits include generous time off, 401(k) participation with employer match, comprehensive health coverage, a health savings account (HSA), wellness benefits, backup childcare and education stipends (all benefits are subject to applicable taxes and based on eligibility).