Director of Internal Audit, Security and Engineering

About the team + role

We are building an elite team, applying frontier technologies to the world’s biggest financial problems. We’re looking for bold thinkers. Sharp problem-solvers. Builders who are wired to make an impact. Robinhood isn’t a place for complacency, it’s where ambitious people do the best work of their careers. We’re a high-performing, fast-moving team with ethics at the center of everything we do. Expectations are high, and so are the rewards.

The Internal Audit Team at Robinhood assists the company’s Audit Committee of the Board with protecting assets, reputation, and sustainability of the organization. The Internal Audit function provides independent, objective, reliable, valued and timely assurance regarding the effectiveness of internal controls that mitigate current and emerging risks and help strengthen the internal controls ecosystem.

Robinhood Markets (RHM) is the parent company of various lines of business, including Brokerage, Crypto, and Cash services. We are looking for a Director of Internal Audit, Security & Engineering to join our dynamic team of auditors. You will be charged with specifically overseeing the execution of audits in the areas of Engineering, Security, Privacy, BCP/ DR and technologies leveraging artificial intelligence. Additionally, in this role you will be supporting integrated audits (i.e. underlying technology controls over business operations) across the various lines of businesses.

This position requires a leader with expert understanding of risks in a regulated Fintech setting. The successful candidate is a proven leader, collaborative, analytical, technical expert that can lead audits across multiple disciplines such as information security, software development privacy, cloud technology etc. The preferred location for this position is in or around Robinhood's offices in Menlo Park, CA or New York, NY with in-office work capabilities, as may be required by management, but remote work in limited geographies within the U.S. may be considered. Check with your recruiter for more information.

This position reports to the VP of Internal Audit and Enterprise Risk.

This role is based in our New York City, NY and Menlo Park, CA office(s), with in-person attendance expected at least 4 days per week. 

At Robinhood, we believe in the power of in-person work to accelerate progress, spark innovation, and strengthen community. Our office experience is intentional, energizing, and designed to fully support high-performing teams.

What you’ll do

• Assist Audit leadership with the development of the Internal Audit plan and the overall strategic direction of the Internal Audit program
• Be accountable for the achievement of Internal Audit objectives as they align to the internal audit strategy and company OKRs
• Be responsible for the execution of end-to-end audit procedures in the audit lifecycle: plan, lead and execute audits to assess controls and processes in the areas of Engineering, Security, Privacy, BCP/ DR and technologies leveraging artificial intelligence
• Operate with a hands-on and an attention-to-detail approach to managing the audit cycle, incl. the process of audit scoping, execution, quality reviews, reporting and remediation validation
• Conclude on audit results and present ratings and recommendations to senior management, C-Team members and the Audit Committee as needed
• Lead the discussion on enterprise-wide topics to various levels of management within Security & Engineering. Influence management to act on recommendations to strengthen the control environment and make process improvements
• Establish and manage relationships with senior leaders and risk partners. Share perspectives including industry best practices, audit standards, regulatory requirements and global impact with key stakeholders
• Support the creation of reports and presentations for the department, Robinhood entities, Audit Committee, regulators and external auditors
• Partner on continuous development and enhancement of the Audit practice to align with the overall objective and goals of the Audit function (including development of frameworks, metrics, procedures, partnerships, communications and training programs).
• Participate in special projects and perform other duties as assigned

What you bring

• Master’s degree in a relevant field of study (e.g. Computer Science, Information Systems, Data Science or Computer Engineering)
• 10+ years of technology auditing experience, including Technology and Operations auditing, risk management, Technology Compliance, Information Security, or software development
• Financial Services knowledge and financial product knowledge is preferred
• Ability to partner with business, engineering, data and product teams to strengthen controls environment using automated techniques
• Experience in end-to-end project management, system evaluation, and cross-functional collaboration
• Experience with information system lifecycle processes, including source code management, continuous integration, scalable architecture concepts, and decentralized software development governance.
• Deep understanding of infrastructure components and corresponding relevant risk mitigation techniques.
• Audit experience related to systems reliability, cloud computing, artificial intelligence design and usage, software development processes, database design, setup and administration, product design and configuration of complex financial and regulatory requirements with systems
• Experience assessing environments for privacy/security risk using privacy/security fundamentals (i.e., cookies, encryption, anonymization, perimeter defense, etc.)
• Experience auditing Cyber and Cloud Computing/AWS, data privacy, business continuity planning and disaster recovery
• Experience conducting audits using frameworks such as COBIT, ISO, IT General Controls (ITGC), NIST, GDPR, NYDFS and/or other industry standard control frameworks to document and assess Cybersecurity & IT processes.
• CISA, CISSP, CRISC, CDPSE or CISM certifications

Leadership expectations 

Our ambitious roadmap requires a great culture shaped by exceptional leaders. Here’s what we expect from them:

• Drive high performance by setting clear, focused goals, giving real-time feedback, stretching top talent, and scaling impact through focus, innovation, and tech.
• Hire and retain top talent by setting a high bar, hiring only those who raise it, investing in onboarding, and addressing talent issues quickly and fairly.
• Create community by connecting work to purpose, removing friction while prioritizing safety, building trust and inclusion, and leading from the front with integrity.

What we offer

• Challenging, high-impact work to grow your career
• Performance driven compensation with multipliers for outsized impact, bonus programs, equity ownership, and 401(k) matching
• Best in class benefits to fuel your work, including 100% paid health insurance for employees with 90% coverage for dependents
• Lifestyle wallet - a highly flexible benefits spending account for wellness, learning, and more
• Employer-paid life & disability insurance, fertility benefits, and mental health benefits
• Time off to recharge including company holidays, paid time off, sick time, parental leave, and more!
• Exceptional office experience with catered meals, events, and comfortable workspaces.

We use Covey as part of our hiring and / or promotional process for jobs in NYC and certain features may qualify it as an AEDT. As part of the evaluation process we provide Covey with job requirements and candidate submitted applications. We began using Covey Scout for Inbound on September 19, 2024.

Please see the independent bias audit report covering our use of Covey here.