Security Engineer, Detection & Response

Robinhood

Hybrid

Quick summary

Work type: Hybrid
Location: Menlo Park, CA
Salary: $157,000–$185,000 / yr
Posted: 94 days ago

Market check

Salary context

Below market

How this pay compares to similar roles

[Chart: this role at $171k and similar roles at $192k, on a scale from $149k to $233k, with a shaded band marking where most similar roles pay]

This role pays less than 69% of similar roles. Most pay $162,000–$222,000 — the shaded band above. At the midpoint, this role pays about $171k versus about $192k for comparable roles.

Based on 240 similar postings.

Employer

About Robinhood

Robinhood is a financial technology company offering commission-free stock, ETF, options, and cryptocurrency trading through its mobile app, aimed at democratizing access to financial markets.

Industry: Financial Technology & Investment App

Robinhood currently has 74 open roles on FindRole.

Listed pay typically runs $187,000–$222,500 across 74 roles with salary data.


At a glance

TL;DR · Security Engineer, Detection & Response

As a Security Engineer, Detection & Response on Robinhood’s SecOps team in Menlo Park, CA, you will strengthen the company’s ability to detect and respond to security threats by designing and improving detection logic, analyzing security telemetry across cloud and endpoint systems, and reducing false positives. You will collaborate closely with SOC analysts and engineering teams to refine investigation workflows and contribute to post-incident reviews. Key responsibilities include developing detection rules in query languages such as KQL or SQL-like syntax, correlating data from multiple sources to identify attack patterns, and building SOAR playbooks as part of automation efforts. The ideal candidate has 2–4 years of experience in security operations and incident response, with expertise in SIEMs, EDR platforms, and cloud security tools, as well as strong communication skills for documenting incidents and collaborating effectively across technical teams.

What you'll do

  • Investigate security alerts and perform log analysis across multiple platforms.
  • Develop, test, and tune detection rules to improve signal quality and reduce false positives.
  • Correlate data from telemetry sources to identify attack patterns and determine response actions.
  • Monitor emerging threats and update detection logic based on threat intelligence findings.
  • Contribute to automation efforts by building or refining SOAR playbooks for incident response.

What we're looking for

  • 2-4 years of experience in security operations, detection engineering, or incident response.
  • Experience analyzing logs and tuning alerts within SIEMs, EDR platforms, and cloud security tools.
  • Proficiency in writing detections using query languages such as KQL, SQL-like languages, or similar.
  • Familiarity with threat hunting and investigation techniques across cloud and endpoint environments.
  • Strong ability to analyze security telemetry and identify patterns of malicious activity.
  • Clear written and verbal communication skills for documenting incidents and collaborating with technical teams.

More like this

Similar roles

Staff Offensive Security Engineer

Robinhood

Bellevue, WA · 108 days ago · $217,000–$255,000
Python, Go, JavaScript, Kubernetes, Docker, AWS, GCP, MITRE ATT&CK Framework, CI/CD, Terraform, PostgreSQL, Linux, macOS, Network Protocols, Slack, Jira, GitHub
Hybrid

Staff Offensive Security Engineer

Robinhood

Bellevue, WA · 67 days ago · $217,000–$255,000
Python, Go, JavaScript, Kubernetes, Docker, AWS, GCP, MITRE ATT&CK Framework, CI/CD, Terraform, PostgreSQL, Linux, macOS, Network Protocols, Slack, Jira, GitHub
Hybrid

Staff Software Engineer, Security

Robinhood

Bellevue, WA · 47 days ago · $230,000–$270,000
Go, Python, Rust, Kubernetes, AWS, OAuth 2.0, OpenID Connect, SAML, WebAuthn, CI/CD, PostgreSQL, Docker, Prometheus, Grafana
Hybrid