Staff Offensive Security Engineer

Job Description

Join us in building the future of finance. Our mission is to democratize finance for all. An estimated $124 trillion of assets will be inherited by younger generations in the next two decades. The largest transfer of wealth in human history. If you’re ready to be at the epicenter of this historic cultural and financial shift, keep reading. About the team + role We are building an elite team, applying frontier technologies to the world’s biggest financial problems. We’re looking for bold thinkers. Sharp problem-solvers. Builders who are wired to make an impact. Robinhood isn’t a place for complacency, it’s where ambitious people do the best work of their careers. We’re a high-performing, fast-moving team with ethics at the center of everything we do. Expectations are high, and so are the rewards. The Red Team team’s mission is to proactively identify and simulate real-world threats against Robinhood’s platforms, properties, and people. Through red teaming and adversarial simulations, the team evaluates security controls, uncovers vulnerabilities, and helps continuously strengthen Robinhood’s overall security posture in close partnership with Detection & Response, Physical Security, and Engineering. As a Staff Offensive Security Engineer, you will take a hands-on role in designing and executing stealthy adversarial simulations to validate assumptions and uncover gaps in detection and response. You’ll leverage threat modeling, penetration testing, and research-driven techniques to emulate sophisticated attackers, while collaborating cross-functionally to improve defenses and shape more secure systems. This role is based in our Toronto, Canada office(s), with in-person attendance expected at least 3 days per week. At Robinhood, we believe in the power of in-person work to accelerate progress, spark innovation, and strengthen community. Our office experience is intentional, energizing, and designed to fully support high-performing teams. What you’ll do Plan and execute red team operations, adversarial simulations, and penetration tests across applications, infrastructure, networks, offices, and internal processes. Perform threat modeling for new and existing services, clearly articulating security risks and tradeoffs to engineering and risk stakeholders. Conduct vulnerability research, exploit development, and testing using both custom tooling and public proof-of-concept techniques. Partner with detection and response teams to simulate realistic attack scenarios and evaluate monitoring and incident response readiness. Write and mainta

Required Skills