All interviews
Robinhood logo

Robinhood

Senior

Hunt criminal ecosystems and turn intel into disruption at Robinhood (Toronto)

Robinhood is hiring a Senior Security Analyst for its Threat Intelligence team based in Toronto, to hunt phishing, scam, impersonation, fraud, and infrastructure-abuse campaigns targeting the brand and its customers. The role blends hands-on OSINT investigation, infrastructure takedown coordination, and cross-team translation of technical threats into business risk. Practice the exact story arc — indicator to campaign to actor to disruption — that this interview will probe.

Step into this interview

Free · a live voice mock calibrated to this exact role

Practice this interview

What this interview tests

  • Threat actor and campaign tracking (phishing/scam/impersonation/fraud)
  • Infrastructure investigation: domains, DNS, certificate transparency, cloud/hosting abuse
  • Converting intelligence into detections, controls, and takedowns
  • OSINT tooling, SQL/Python, SIEM/SOAR, OpenCTI, case management
  • Cross-functional risk communication and prioritization

Common question themes

Tell me about a campaign you tracked from a single indicator to actor-level attribution.

How have you used DNS/certificate transparency/domain registration data to map attacker infrastructure?

Describe coordinating an infrastructure takedown with a registrar or hosting provider.

How do you translate a technical threat into business risk for non-technical stakeholders?

Give an example of building or improving an intelligence workflow using OSINT tooling or automation.

How do you decide which threats to prioritize when everything looks urgent?

View the original posting

Related interviews