About the team + role
We are building an elite team, applying frontier technologies to the world’s biggest financial problems. We’re looking for bold thinkers. Sharp problem-solvers. Builders who are wired to make an impact. Robinhood isn’t a place for complacency, it’s where ambitious people do the best work of their careers. We’re a high-performing, fast-moving team with ethics at the center of everything we do. Expectations are high, and so are the rewards.
The Security Engineering team builds systems and practices that help protect Robinhood’s platform, infrastructure, and customers at scale. The team works closely with infrastructure, developer platform, and product engineering teams to reduce security risk through automation, actionable visibility, and secure-by-default tooling. Team members focus on practical engineering solutions that improve detection, remediation, and operational resilience across cloud and application environments. We value clear communication, measurable outcomes, and building systems that help engineers resolve security issues efficiently.
As a Security Engineer – AI Vulnerability Management, you will help evolve Robinhood’s vulnerability management capabilities through automation, scalable tooling, and AI-assisted workflows. You will build systems that improve how vulnerabilities are discovered, prioritized, and remediated across modern cloud infrastructure and software environments. The role includes developing integrations, improving security visibility, and supporting incident response activities for high-priority vulnerabilities. You will partner with infrastructure and application engineering teams to create reliable remediation workflows that reduce manual effort while maintaining strong security standards.
This role is based in our Menlo Park office, with in-person attendance expected at least 3 days per week.
What you’ll do
- Build and maintain automation workflows that support vulnerability discovery, prioritization, and remediation across cloud and application environments
- Develop tooling and integrations that connect vulnerability findings with infrastructure context, runtime data, and threat intelligence signals
- Create CI/CD guardrails and developer workflows that help prevent common security issues from reaching production systems
- Support the response to high-priority vulnerabilities and zero-day events through analysis, remediation coordination, and exposure assessment
- Build dashboards and reporting workflows that translate security findings into clear operational insights for engineering teams and leadership
What you bring
- 3+ years of experience in security engineering, infrastructure security, or security automation roles
- Proficiency in Python or Go, including experience building scalable internal tools, APIs, or automation workflows
- Experience working with AWS, Kubernetes, or modern cloud-native infrastructure environments
- Familiarity with vulnerability management concepts, including CVSS, exploitability analysis, and remediation prioritization
- Experience using security tooling such as Snyk, Semgrep, Wiz, EndorLabs, or TruffleHog