Security Engineer, Detection & Response

Robinhood

Hybrid

Quick summary

Work type: Hybrid
Location: Menlo Park, CA
Salary: $157,000–$185,000 / yr
Posted: 61 days ago

Market check

Salary context

Below market

How this pay compares to similar roles

[Chart: similar roles $195k; this role $171k; scale from $149k to $233k, with a shaded band marked "most similar roles pay here"]

This role pays less than 70% of similar roles. Most pay $164,312–$225,000 — the shaded band above. At the midpoint, this role pays about $171k versus about $195k for comparable roles.

Based on 240 similar postings.

Employer

About Robinhood

Robinhood is a financial technology company offering commission-free stock, ETF, options, and cryptocurrency trading through its mobile app, aimed at democratizing access to financial markets. Industry: Financial Technology & Investment App

Robinhood currently has 81 open roles on FindRole.

Listed pay typically runs $187,000–$220,000 across 81 roles with salary data.


At a glance

TL;DR · Security Engineer, Detection & Response

As a Security Engineer, Detection & Response at Robinhood’s SecOps team in Menlo Park, CA, you will work closely with SOC analysts and security engineers to strengthen detection coverage and response readiness by designing and improving detection logic, analyzing security telemetry across cloud and endpoint systems, and reducing false positives. Your day-to-day responsibilities include investigating security alerts using SIEM, EDR, and cloud security platforms, developing and testing detection rules with query languages like KQL or SQL-like syntax, correlating data from multiple sources to identify attack patterns, and contributing to automation efforts by building SOAR playbooks. You will also document incidents and participate in post-incident reviews to enhance detection and response processes. This role requires 2–4 years of experience in security operations, familiarity with SIEMs and EDR platforms, strong analytical skills for threat hunting, and excellent communication abilities. Experience with AWS, Okta, Kubernetes, Google Workspace security tools, and developing software for detection and response tooling is a plus.

What you'll do

  • Investigate security alerts and perform log analysis to coordinate containment or remediation steps.
  • Develop, test, and tune detection rules using query languages to improve signal quality and reduce false positives.
  • Correlate data from multiple telemetry sources to identify attack patterns and determine appropriate response actions.
  • Monitor emerging threats and update detection logic based on investigation findings and threat intelligence reporting.
  • Contribute to automation efforts by building or refining SOAR playbooks and scripts for improved investigation speed.

What we're looking for

  • 2-4 years of experience in security operations, detection engineering, or incident response.
  • Experience analyzing logs and tuning alerts within SIEMs, EDR platforms, and cloud security tools.
  • Proficiency in writing detections using query languages such as KQL, SQL-like languages, or similar.
  • Familiarity with threat hunting and investigation techniques across cloud and endpoint environments.
  • Ability to analyze security telemetry and recommend practical improvements for detection gaps.
  • Clear written and verbal communication skills for documenting incidents and collaborating with technical teams.

More like this

Similar roles

Staff Offensive Security Engineer

Robinhood

Bellevue, WA · 101 days ago · $217,000–$255,000
Python, Go, JavaScript, Kubernetes, Docker, AWS, GCP, Mitre ATT&CK Framework, CI/CD, Terraform, PostgreSQL, Linux, MacOS, Network Protocols, Slack, JIRA, GitHub
Hybrid

Staff Offensive Security Engineer

Robinhood

Bellevue, WA · 61 days ago · $217,000–$255,000
Python, Go, JavaScript, Kubernetes, Docker, AWS, GCP, Mitre ATT&CK Framework, CI/CD, Terraform, PostgreSQL, Linux, MacOS, Network Protocols, Slack, JIRA, GitHub
Hybrid

Staff Software Engineer, Security

Robinhood

Bellevue, WA · 41 days ago · $230,000–$270,000
Go, Python, Rust, Kubernetes, AWS, OAuth 2.0, OpenID Connect, SAML, WebAuthn, CI/CD, PostgreSQL, Docker, Prometheus, Grafana
Hybrid