← All verified jobs

Lead Security Engineer

arq group São PauloRemoteFullTime

See all open roles at arq group

Ghost-risk verdict

Likely real

  • 60 open roles at this company in 30 days (mass-hiring blitz)
  • no salary disclosed (correlates with ghost postings)

How we score ghost risk →

See your fit for this role and apply with a truthfully tailored résumé.

See my fit, free

About the role

About ARQ

ARQ is one of the fastest-growing fintechs in the world. Our mission is to redefine how people interact with money across borders, building the infrastructure to move value seamlessly. We're still early in our journey, which means every person who joins shapes the future of our product, culture, and growth. If you're excited by big challenges, global impact, and the chance to grow fast with a world-class team, ARQ is the place to do it.

What you'll do

Set the technical direction for detection engineering, alert pipelines, and automated response across the security stack (Datadog SIEM, CrowdStrike, Cloudflare), and raise the bar on how the team designs and reviews detections

Own incident response readiness at a program level: design IR playbooks, lead tabletop exercises, and act as technical lead during major incidents

Define DLP and data protection strategy across Google Workspace, Slack, and internal tooling, and guide the team executing it

Set the standard and approach for cloud security assessments across AWS and Kubernetes, reviewing findings from other engineers and tackling the most complex environments directly

Drive the application security roadmap: threat modelling standards, secure code review practices, API security testing strategy, and security pipeline architecture

Define the company's approach to securing AI/agentic workflows – setting guardrails for prompts, destructive actions, and data exposure, and advising other teams building with LLMs/MCP servers

Own the vendor security assessment framework itself: continuously improving the due diligence process and handling the highest-risk vendor reviews

Act as a technical mentor to mid and senior engineers, reviewing their detection logic, assessments, and playbooks without formal management responsibilities

What you'll need

7+ years in information security, including demonstrated experience building or substantially maturing a security function or program from the ground up

2+ years at a regulated fintech/bank/payment company

Deep, hands-on expertise in cloud infrastructure security (AWS, Kubernetes), able to architect controls

Strong detection engineering background – you've designed detection strategy and mentored others in writing rules

Proven experience driving application security programs: threat modelling frameworks, secure code review standards, CI/CD pipeline hardening, and API security testing strategy

Deep experience with endpoint security tooling (EDR/XDR) and identity & access management architecture in a SaaS-heavy environment (Google Workspace, Okta/Cloudflare Access, SSO/SCIM)

Demonstrated ability to define practical security guardrails for AI/agentic tooling – you understand the risks of LLM integrations, MCP servers, and automated workflows at an architectural level

Experience designing or significantly evolving a vendor security assessment/third-party due diligence program

Excellent written and verbal communication; comfortable representing security decisions to leadership and cross-functional stakeholders

Business fluent in English

Benefits

Competitive salary and benefits

Stock options, so you own part of what you build

Discretionary performance bonus

The latest tools and technology

A world-class team that will challenge and grow your skills

The opportunity to help build the best fintech app in Latin America

Office Policy: 3-4 days a week in-office

Stop applying to ghosts.

OyaPilot surfaces only verified, real jobs, scores your fit, and tailors your application truthfully.