Senior Information Security Engineer jobs at Mastercard - 580 jobs

Join us in building the future of finance. Our mission is to democratize finance for all. An estimated $124 trillion of assets will be inherited by younger generations in the next two decades. The largest transfer of wealth in human history. If you're ready to be at the epicenter of this historic cultural and financial shift, keep reading. About the team + role We are building an elite team, applying frontier technologies to the world's biggest financial problems. We're looking for bold thinkers. Sharp problem-solvers. Builders who are wired to make an impact. Robinhood isn't a place for complacency, it's where ambitious people do the best work of their careers. We're a high-performing, fast-moving team with ethics at the center of everything we do. Expectations are high, and so are the rewards. Robinhood is looking for an Offensive Security Engineer who is passionate about Red Teaming, Adversarial Simulation, and breaking / fixing systems, to join the Red Team. The Red Team is a core pillar of the Offensive Security team and situated within the Safety & Productivity Engineering organization. The Red Team works with teams across Robinhood to ensure our products, services, and processes are secure through threat modeling, penetration testing, adversarial simulations, and red teaming. Here are some examples of things our team does frequently that you'll be heavily involved with: Red Teaming to validate assumptions, facilitate decisions, and improve our ability to detect and respond to incidents. Perform threat modeling against critical and new services. Articulate the actual security risk to risk working groups. Penetration testing our critical infrastructure, production applications, networks, offices, and processes. Sparring with Detection and Response and other stakeholders via Adversarial Simulations to prepare for incidents. Partnering with the physical security team to conduct assessments of Robinhood properties. Serving as a technical advocate and Subject Matter Expert for privacy and security decisions, designs, and discussions. Driving innovative ideas to implementation as the company evolves and grows. Conduct vulnerability research to understand latest TTPs, exploits, and forward looking capabilities. Leaving things better than you found them by partnering to fix the issues and not just finding broken things. As an Offensive Security Engineer, you will work across multiple domains, partner with key teams across Robinhood, and help build an even more resilient and secure product for our customers. This role is based in our Menlo Park, CA office, with in-person attendance expected at least 3 days per week. What you'll do Evangelize the Offensive Security Team's Findings and Projects with stakeholders throughout the company and collaborate with other teams to create solutions that balance security with other priorities. Mentor and provide guidance to the members of the Offensive Security team. Utilize threat modeling to identify threats and shape Red Team priorities and exercises. Plan and execute long term, broadly scoped, black box Red Team exercises utilizing vulnerability research, exploit development, and utilizing public proof of concept code. Perform penetration testing, code reviews, and design/architecture reviews. Write tooling to assist with and automate Red Team assessments. Plan and participate in Adversarial Simulation exercises with various security teams. Lead Security Incidents when Pentest or Red Team findings require them. Publish blog posts and present talks at security conferences. What you bring 5+ years of Red Team experience. Experience mentoring other team members. Passion and demonstrated experience for challenging security assumptions. Excellent written and verbal communication skills and ability to communicate your findings at many different levels of abstraction from Engineers to Executives. Passion for fixing security issues and not just identifying security issues. Familiarity with common network protocols and standards such as DNS and TCP/IP. Experience with MacOS and Linux. Experience with leveraging components of a modern software development stack to attack companies, including CI, container orchestration systems (Kubernetes/Docker), cloud providers (AWS, GCP), etc and be able to give hardening suggestions. Experience/knowledge of defensive tools/techniques (IDS/IPS, Packet Capture, Network Analysis, AV, EDR, etc.) and how to evaded them. Deep understanding of Mitre's ATT&CK Framework. Strong understanding of the security fundamentals of access and identity. Ability to research and execute a testing plan to access a new technology or process. Demonstrated experience working with a distributed team. Proficiency to communicate over a text-based medium (Slack, JIRA Issues, GitHub issues, & Email) and can succinctly document technical details. Experience in the Financial Technology domain. Experience being a technical lead at other organizations. What we offer Market competitive and pay equity-focused compensation structure 100% paid health insurance for employees with 90% coverage for dependents Annual lifestyle wallet for personal wellness, learning and development, and more! Lifetime maximum benefit for family forming and fertility benefits Dedicated mental health support for employees and eligible dependents Generous time away including company holidays, paid time off, sick time, parental leave, and more! Lively office environment with catered meals, fully stocked kitchens, and geo-specific commuter benefits In addition to the base pay range listed below, this role is also eligible for bonus opportunities + equity + benefits. Base pay for the successful applicant will depend on a variety of job-related factors, which may include education, training, experience, location, business needs, or market demands. The expected base pay range for this role is based on the location where the work will be performed and is aligned to one of 3 compensation zones. For other locations not listed, compensation can be discussed with your recruiter during the interview process. Base Pay Range: Zone 1 (Menlo Park, CA; New York, NY; Bellevue, WA; Washington, DC) $187,000 - $220,000 USD Zone 2 (Denver, CO; Westlake, TX; Chicago, IL) $165,000 - $194,000 USD Zone 3 (Lake Mary, FL; Clearwater, FL; Gainesville, FL) $146,000 - $172,000 USD Click here to learn more about our Total Rewards, which vary by region and entity. If our mission energizes you and you're ready to build the future of finance, we look forward to seeing your application. Robinhood provides equal opportunity for all applicants, offers reasonable accommodations upon request, and complies with applicable equal employment and privacy laws. Inclusion is built into how we hire and work-welcoming different backgrounds, perspectives, and experiences so everyone can do their best. Please review the Privacy Policy for your country of application. Equal Employment Opportunity Information At Robinhood, we care deeply about diverse representation in our workforce as it supports our mission to democratize finance for all. In support of this goal, we encourage applicants to voluntarily identify demographic information. This information helps us to continue building a more inclusive workplace and to ensure effective recruiting programs that are inclusive of individuals across all backgrounds. Self-identifying in this section is completely voluntary and if you choose not to provide any information, please select the "I don't wish to answer" option under that question. Whatever your decision, data that you provide in this section will not be considered in the hiring process or thereafter. Individuals seeking employment at Robinhood are considered without regard to race, color, religion, national origin, age, sex, sexual orientation, marital status, ancestry, physical or mental disability, neurodivergence, veteran status, gender identity or expression, or any other characteristic protected by law. You are being given the opportunity to provide the following information in order to help us comply with federal and state Equal Employment Opportunity recordkeeping, reporting, and other legal requirements, and to be used in our efforts to recruit a diverse workforce. Any information that you do provide will be recorded and maintained in a confidential manner. For more information on EEOC definitions, please reference this document . By checking this box, I consent to Robinhood collecting, storing, and processing my responses to the demographic data surveys above. * #J-18808-Ljbffr