Top Benefits
Premium medical, dental, and vision insurance
Parental leave
Annual lifestyle stipend
About the role
Who you are
- 1+ years of experience in security operations, detection engineering, or incident response
- Strong understanding of log analysis, detection tuning, and alert triage within security tools (SIEMs, EDRs, cloud security platforms)
- Hands-on experience conducting incident response and writing detections for AWS, Kubernetes, Google Workspace, macOS, and Okta
- Experience writing detections using query languages
- Familiarity with threat hunting, log correlation, and investigation techniques across cloud and endpoint environments
- Ability to analyze security telemetry, identify attack patterns, and contribute to continuous detection improvements
- Strong problem-solving skills and ability to collaborate across security teams in fast-paced incident response scenarios
What the job involves
- The Security Operations (SecOps) team’s mission is to proactively safeguard Robinhood and its customers
- SecOps is responsible for monitoring, detecting, and responding to security incidents in real time
- We do this by staying ahead of threats through gathering threat intelligence, conducting Red Team operations, and working with external security researchers to identify and mitigate potential risks before they can be exploited
- By maintaining a robust defense posture, the team protects Robinhood customers from ever-evolving cyber threats
- As a Detection & Response Engineer, you will focus on strengthening Robinhood’s ability to detect, investigate, and respond to security incidents
- You’ll work on developing high-quality detections, improving response workflows, and collaborating with security teams to reduce detection gaps
- This role requires technical expertise in security operations, detection engineering, and incident response while working closely with SOC analysts, engineers, and security stakeholders
- Investigate security alerts and incidents, conduct log analysis, and collaborate with teams to mitigate threats
- Develop and fine-tune detection logic to improve visibility into security threats, reducing false positives and detection gaps
- Analyze security signals, correlate data across multiple sources, and determine appropriate response actions
- Continuously monitor, evaluate, and improve security detections based on evolving threats and real-time feedback from investigations
- Assist in automating detection workflows and enhancing security operations efficiency through scripting or SOAR tools
- Contribute to post-incident reports and identify areas for improvement in detections, response, and remediation strategies
Benefits
- Well-being - Premium medical, dental, and vision insurance
- Family & home life - Parental leave, personal prosperity benefits
- Comfort & care - Annual lifestyle stipend
- Office life - Catered meals and fully stocked kitchen, commuter benefits
- Growth - Education and training, community events, career mentorships
Top Benefits
Premium medical, dental, and vision insurance
Parental leave
Annual lifestyle stipend
About the role
Who you are
- 1+ years of experience in security operations, detection engineering, or incident response
- Strong understanding of log analysis, detection tuning, and alert triage within security tools (SIEMs, EDRs, cloud security platforms)
- Hands-on experience conducting incident response and writing detections for AWS, Kubernetes, Google Workspace, macOS, and Okta
- Experience writing detections using query languages
- Familiarity with threat hunting, log correlation, and investigation techniques across cloud and endpoint environments
- Ability to analyze security telemetry, identify attack patterns, and contribute to continuous detection improvements
- Strong problem-solving skills and ability to collaborate across security teams in fast-paced incident response scenarios
What the job involves
- The Security Operations (SecOps) team’s mission is to proactively safeguard Robinhood and its customers
- SecOps is responsible for monitoring, detecting, and responding to security incidents in real time
- We do this by staying ahead of threats through gathering threat intelligence, conducting Red Team operations, and working with external security researchers to identify and mitigate potential risks before they can be exploited
- By maintaining a robust defense posture, the team protects Robinhood customers from ever-evolving cyber threats
- As a Detection & Response Engineer, you will focus on strengthening Robinhood’s ability to detect, investigate, and respond to security incidents
- You’ll work on developing high-quality detections, improving response workflows, and collaborating with security teams to reduce detection gaps
- This role requires technical expertise in security operations, detection engineering, and incident response while working closely with SOC analysts, engineers, and security stakeholders
- Investigate security alerts and incidents, conduct log analysis, and collaborate with teams to mitigate threats
- Develop and fine-tune detection logic to improve visibility into security threats, reducing false positives and detection gaps
- Analyze security signals, correlate data across multiple sources, and determine appropriate response actions
- Continuously monitor, evaluate, and improve security detections based on evolving threats and real-time feedback from investigations
- Assist in automating detection workflows and enhancing security operations efficiency through scripting or SOAR tools
- Contribute to post-incident reports and identify areas for improvement in detections, response, and remediation strategies
Benefits
- Well-being - Premium medical, dental, and vision insurance
- Family & home life - Parental leave, personal prosperity benefits
- Comfort & care - Annual lifestyle stipend
- Office life - Catered meals and fully stocked kitchen, commuter benefits
- Growth - Education and training, community events, career mentorships