Senior Application Security Engineer, Crypto

As a Senior Application Security Engineer, you’ll design and safeguard the cryptographic foundations of our fintech systems. You’ll own key management, secure payment flows, and protocol reviews while driving adoption of cutting-edge cryptography. This role combines hands-on technical depth with cross-team influence to protect customer trust and keep us ahead of emerging threats. This role is based in our Menlo Park, CA or Bellevue, WA office, with in-person attendance expected at least 3 days per week. At Robinhood, we believe in the power of in-person work to accelerate progress, spark innovation, and strengthen community. Our office experience is intentional, energizing, and designed to fully support high-performing teams. What you’ll do Perform proactive assessments covering infrastructure, secure and resilient architecture, data security (including privacy), identity and access management, application and product security for our Crypto business Prioritize and drive the reduction of discovered security issues, vulnerabilities, and risks by partnering with the business to provide recommendations and solutions Work with technical leads to develop strategies, programs, systems and tools that enhance our approach in keeping our products, data, and customers safe and secure Collaborate with partner security teams to help safeguard Robinhood’s data and infrastructure Provide technical expertise on Robinhood’s Security and Privacy solutions, policies, procedures, and standards Stay up to date on the direction of emerging security, privacy, blockchain technologies, and industry trends You don’t just identify security issues — you bring a builder’s mindset to remediate them at scale. What you bring 4+ years of experience conducting cyber security assessments 3+ years of experience engineering security solutions 2+ years of experience specializing in assessing and securing blockchain applications and infrastructure Deep understanding of blockchain technologies, protocols, exploits, and frameworks and associated security risks Security domain knowledge across many cyber security disciplines Outside-the-box thinking (adversary mentality) Experience communicating effectively with technical/non-technical and executive-level audiences Working knowledge of Go or Python for interacting with security tooling APIs Security automation experience is a plus Security technical report writing is a plus AWS experience is a plus