全部面试
Robinhood logo

Robinhood

Senior

Hands-on offensive security testing of Go/Python services, with a growing focus on AI/ML attack surface and crypto custody flows

Robinhood's Offensive Security team is hiring a Senior Penetration Tester based in Bellevue (3 days/week onsite) to run application security assessments, code reviews in Go and Python, and threat modeling, while scaling the team's throughput with AI-assisted tooling. The role explicitly covers attacking AI/ML systems (prompt injection, agent misuse, RAG/MCP exposure) and cryptocurrency custody/signing flows, on top of classic web app and cloud pentesting. Expect technical depth checks on real vulnerability classes plus how you use AI as a force multiplier in your own testing.

走进这场面试

免费 · 一场按这个岗位校准的真语音模拟

练这场面试

这场面试考什么

  • Manual application security testing and code review in Go and Python
  • Threat modeling for high-impact, business-logic-heavy systems
  • AI/ML system attack surface: prompt injection, agent/tool misuse, RAG and MCP exposure
  • Cryptocurrency/blockchain security: custody, key management, transfer validation, bridge/staking misuse
  • Using AI/automation to scale testing throughput (fuzzing, agentic recon, LLM-based review)
  • Cloud and container security (AWS/GCP, Docker, Kubernetes) plus cross-team remediation and PR contribution

常见提问方向

Walk me through a real vulnerability you found via manual code review in Go or Python

How would you test an AI/ML system for prompt injection or agent misuse — give a concrete example

How would you approach testing a crypto custody or wallet signing flow for misuse patterns

Describe an AI-assisted tool or pipeline you built to scale your own testing throughput

How do you validate a critical finding from an automated scanner before escalating it

Tell me about a time you didn't just report a vulnerability but drove the fix through to a PR

查看原始招聘页

相关面试