Job description
TL;DR
Staff Offensive Security Engineer (Offensive Security): Designing and executing stealthy adversarial simulations to validate detection and response assumptions, with an emphasis on threat modeling, penetration testing, and exploit-driven vulnerability research. Focus on uncovering gaps across applications, infrastructure, networks, and identity systems while partnering cross-functionally to strengthen Robinhood’s security posture.
Location: Toronto, Canada (in-person attendance expected at least 3 days per week)
Salary: $191,250 - $225,000 CAD (base pay range for Toronto, ON)
Company
Robinhood builds financial products with a mission to democratize finance.
What you will do
- Plan and execute red team operations, adversarial simulations, and penetration tests across applications, infrastructure, networks, offices, and internal processes.
- Perform threat modeling for new and existing services and communicate security risks and tradeoffs to engineering and risk stakeholders.
- Conduct vulnerability research and exploit development/testing using custom tooling and public proof-of-concept techniques.
- Partner with detection and response teams to simulate realistic attack scenarios and evaluate monitoring and incident response readiness.
- Write and maintain tooling to automate and scale offensive security assessments.
- Document findings, recommend remediation strategies, mentor teammates, and share knowledge through internal documentation and presentations.
Requirements
- 8+ years of hands-on experience in red teaming, offensive security, or penetration testing.
- Experience mentoring or guiding other security engineers.
- Strong threat modeling skills and familiarity with the MITRE ATT&CK framework.
- Experience testing modern environments including AWS/GCP, Docker/Kubernetes, CI pipelines, and identity systems.
- Working knowledge of defensive security tools (IDS/IPS, EDR, packet capture, network monitoring) and common evasion techniques.
- Proficiency in Python, Go, or JavaScript for exploit development, tooling, or automation.
Culture & Benefits
- In-person role with expected attendance at least 3 days per week.
- Performance-driven compensation with bonus opportunities and equity.
- Top-tier benefits including supplemental health insurance, ancillary insurance, and mental health support.
- Flexible employer-paid “Lifestyle wallet” for expenses beyond traditional benefits.
- Generous time off including company holidays, paid time off, sick time, volunteer time off, and parental leave.
- Monthly commuter stipend to offset in-office commuting costs.