Jobs · Information Technology · Washington

Senior Penetration Tester

Robinhood · Bellevue, WA · 3 wk ago
On-siteInformation Technology$187k–$220k/yrFull-time

About the team + role

The Penetration Testing team at Robinhood is a core part of our Offensive Security program and a key pillar within Security & Privacy Engineering. We work across the company to identify, understand, and reduce security risk through threat modeling, penetration testing, code reviews, and vulnerability research. Our team goes beyond simply finding issues—we take pride in fixing what we find, contributing to long-term improvements, and proactively helping teams build safer systems from the start.

What you’ll do

  • Perform application security assessments, including code reviews (primarily Go and Python), design reviews, and manual penetration testing of web applications, services, and infrastructure.
  • Build and operate AI-assisted tools (e.g. LLM-based code review, AI-driven fuzzing, agentic recon pipelines) to increase testing throughput and coverage.
  • Conduct threat modeling for high-impact systems and articulate security risk in terms of business logic, fraud potential, and customer impact.
  • Collaborate on the triage of bug bounty submissions.
  • Validate critical vulnerabilities surfaced by automated tools and improve detection coverage through scripting and configuration.
  • Work cross-functionally with engineers to mitigate issues, often contributing detection strategies, and occasionally direct code fixes (via pull requests).
  • Research emerging threats, new technologies, and attack techniques to evolve offensive and defensive capabilities of AI/ML systems.
  • Publish technical blog posts, speak at industry conferences, or share insights with the wider security community.
  • Advocate for security and privacy across engineering and product development teams.

What you bring

  • 5+ years of experience in penetration testing, application security, or security engineering.
  • Proactive communication and engagement with stakeholders.
  • Demonstrated impact using AI tools (models, agentic frameworks, et al) as force multipliers in security work.
  • Proficiency in auditing and exploiting Go and Python services.
  • Strong grasp of application security principles, authentication and authorization models, and common vulnerability patterns.
  • Experience with vulnerability research, business logic flaws, and application-layer misuse patterns.
  • Experience targeting AI/ML systems: prompt injection, tool/agent misuse, context and model exfiltration, and the broader stack (RAG pipelines, MCP servers, agentic frameworks).
  • Familiarity with Linux systems, intrusion detection, and common log formats.
  • Hands-on experience testing cloud environments (AWS, GCP, or similar) and container orchestration platforms (Docker, Kubernetes).
  • Knowledge of network protocols (TCP/IP, DNS) and secure architecture best practices.
  • Ability to work independently, structure and execute testing plans, and clearly communicate risk to technical and non-technical stakeholders.
  • Comfort collaborating and documenting work asynchronously using tools like Slack, GitHub, and JIRA.

Bonus points

  • Experience in the financial technology (fintech) industry or highly regulated environments.
  • Passion for improving security through fixing—not just finding—vulnerabilities.
  • Demonstrated history of challenging security assumptions and creatively solving complex problems.

What we offer

  • Challenging, high-impact work to grow your career
  • Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
  • Best in class benefits to fuel your work, including 100% paid health insurance for employees with 90% coverage for dependents
  • Lifestyle wallet - a highly flexible benefits spending account for wellness, learning, and more
  • Employer-paid life & disability insurance, fertility benefits, and mental health benefits
  • Time off to recharge including company holidays, paid time off, sick time, parental leave, and more!
  • Exceptional office experience with catered meals, events, and comfortable workspaces.

Similar jobs

Senior Penetration Tester

Accenture Federal ServicesArlington, VA· Yesterday
Information Technology$106k–$221k/yrapply on boards.greenhouse.io

Senior Penetration Tester

SchellmanUnited States· 3 wk ago
RemoteInformation Technologyapply on schellman.wd504.myworkdayjobs.com