Tech Stack

Description

You will hunt and map criminal ecosystems targeting Robinhood and its customers, translating intelligence into scalable defenses. You'll build a 'Universe of Threats' by tracking adversaries across phishing, scams, impersonation, fraud, and infrastructure abuse, and partner with teams to prioritize risks.

Requirements

• 8–12+ years total experience, 3–5+ years at senior/staff level in threat intelligence or cyber investigations
• Hands-on experience tracking phishing, scams, impersonation, fraud, and infrastructure abuse
• Deep familiarity with domain registration, DNS, certificate transparency, cloud/hosting abuse
• Experience with OSINT tooling, SQL, Python, SIEM/SOAR, OpenCTI
• Ability to translate complex threats into business risk for technical and executive audiences

Responsibilities

• Proactively hunt and map criminal ecosystems targeting Robinhood, translating intelligence into scalable defenses
• Build and operationalize a comprehensive 'Universe of Threats' across phishing, scams, impersonation, fraud, and infrastructure abuse
• Establish and mature a proactive threat intelligence lifecycle with industry partnerships and early warning capabilities
• Investigate attacker infrastructure and convert findings into detections, controls, and customer protections
• Coordinate threat actor infrastructure takedowns with hosting providers and platform partners