Sorry. This page is not yet translated.
Robinhood

Robinhood lets you learn to invest in the stock market for free.

Security Engineer, Technology Risk
Menlo Park, CA, US
Job Description / Skills Required

Robinhood was founded on a simple idea: that our financial markets should be accessible to all. With customers at the heart of our decisions, Robinhood is lowering barriers, removing fees, and providing greater access to financial information. Together, we are building products and services that help create a financial system everyone can participate in.


Just as we focus on our customers, we also strive to create an inclusive environment where our employees can thrive and do impactful work. We are proud of the world class products and company culture we continue to build and have been recognized as:



  • A Great Place to Work

  • A CNBC Disruptor 50 in 2019 and 2020

  • A LinkedIn Top Startup in 2017, 2018, 2019 and 2020


Robinhood is backed by leading investors that include DST Global, Index Ventures, NEA, Ribbit Capital, Thrive Capital, and Sequoia.


Check out life at Robinhood on The Muse!


About the role:


Robinhood is looking for a seasoned infrastructure or infrastructure security engineer to lead infrastructure risk management, at the interface of the Governance, Risk and Compliance (GRC), Engineering, and Security functions. The ideal candidate will thrive on working cross-functionally, building trust and great working relationships. You will work on projects across several teams and partner opportunistically with senior engineers across the company. Your primary function will be to help us assess infrastructure related risk and work with the business to develop mitigation plans to help Robinhood scale and manage the controls expected in a large and well established company. You will play a leadership role in a key task force of GRC technologists that monitor and guide the company in its use of technology as an enabler of growth. 


One of the key responsibilities for GRC is to discover, track, and drive risk remediation. The Infrastructure Risk Engineer will be responsible for overseeing this effort for all infrastructure related risk in the firm. You will work together with your colleagues in Technology Risk & Compliance (TRC) to create templates for regular engineering-wide risk discovery efforts, work with engineering leaders to assess the risks, and develop mitigation strategies. 


You will also provide design and implementation support for key infrastructure such as the technologies that support customer and employee identity, authentication, authorization, and auditing. You will also be responsible for operating and supporting the third-party products that are unique to GRC. As one of the most senior engineers at Robinhood, you will play an active role in the community around engineering at Robinhood and be involved in consultations and design reviews of products across the company. If you are interested in a role where you get to guide and advise while still keeping your hands on a keyboard part of the time, this is a great opportunity for you!


What you’ll do day-to-day:



  • Implementation and management of the technologies that drive the GRC function, including at least a partial role in our fraud and anti-money laundering backend services. 

  • Conduct infrastructure risk assessments for both in-house and vendor-provided systems.

  • Collaborate on mitigation strategies for infrastructure risks

  • Collaborate with other senior engineers on technical guidance on how to manage our cloud-based infrastructure at scale

  • Establish working groups across InfoSec, GRC, and Engineering to identify and drive infrastructure improvements.

  • Join forces with other senior engineers to identify and drive high-impact initiatives.

  • Identity potential problems and metrics to measure their impact and surface them to senior executives.

  • Provide technical guidance during audits and regulatory compliance efforts


About you:



  • 10+ years of experience in technical job roles of which at least five is program and project management

  • Experience writing clear concise technical documentation

  • Experience building complex cross-functional programs

  • Experience in one or more security disciplines, such as those in the Common Body of Knowledge

  • University degree or equivalent experience in Computer Science, Engineering, Information Systems, Finance, or related fields

  • Familiarity with GDPR, CCPA, and similar regulatory requirements


Bonus points: 



  • 5+ years of experience in a security and/or risk management organization

  • Experience in a highly regulated environment and/or public companies

  • Experience managing off-the-shelf GRC tools

  • CISSP, CISM, ISSMP, or similar certification


We’re looking for more growth-minded and collaborative people to be a part our journey in democratizing finance for all. If you’re ready to give 100% in helping us achieve our mission—we’d love to have you apply even if you feel unsure about whether you meet every single requirement in this posting. At Robinhood, we're looking for people invigorated by our mission, values, and drive to change the world, not just those who simply check off all the boxes.


Robinhood promotes diversity and provides equal opportunity for all applicants and employees. We are dedicated to building a company that represents a variety of backgrounds, perspectives, and skills. We believe that the more inclusive we are, the better our work (and work environment) will be for everyone. Additionally, Robinhood provides reasonable accommodations for candidates on request and respects applicants' privacy rights. To review Robinhood's Privacy Policy please click here.