← All verified jobs

Senior Security Engineer

arq group São PauloRemoteFullTime

See all open roles at arq group

Ghost-risk verdict

Likely real

  • 60 open roles at this company in 30 days (mass-hiring blitz)
  • no salary disclosed (correlates with ghost postings)

How we score ghost risk →

See your fit for this role and apply with a truthfully tailored résumé.

See my fit, free

About the role

About ARQ

ARQ is one of the fastest-growing fintechs in the world. Our mission is to redefine how people interact with money across borders, building the infrastructure to move value seamlessly. We’re still early in our journey, which means every person who joins shapes the future of our product, culture, and growth. If you’re excited by big challenges, global impact, and the chance to grow fast with a world-class team, ARQ is the place to do it.

What you'll do

Build and improve SIEM detection rules, alert pipelines, and automated response playbooks (Datadog SIEM, CrowdStrike, Cloudflare)

Contribute to incident response readiness, including IR playbooks, tabletop exercises, and forensic procedures

Support DLP strategy and data protection controls across Google Workspace, Slack, and internal tooling

Conduct cloud security assessments across AWS and Kubernetes environments

Drive application security initiatives: threat modelling, secure code review support, API testing, and security pipeline improvements

Assess and secure AI/agentic workflows across the company — reviewing prompts, preventing destructive actions, and controlling data exposure

Establish and run the vendor security assessment process — building a scalable due diligence framework for third-party onboarding

What you'll need

4–7 years in information security, ideally having built or significantly shaped the security function at a startup or high-growth company - you've been the person who sets things up, not just maintains them

2+ years at a regulated fintech/bank/payment company

Hands-on experience with cloud infrastructure security (AWS, Kubernetes)

Working knowledge of SIEM platforms and detection engineering - you've written detection rules, not just consumed alerts

Familiarity with application security practices: threat modelling, secure code review, CI/CD pipeline hardening, and API security testing

Experience with endpoint security tooling (EDR/XDR) and identity & access management in a SaaS-heavy environment (Google Workspace, Okta/Cloudflare Access, SSO/SCIM)

Ability to assess and secure emerging AI/agentic tooling - you understand the risks of LLM integrations, MCP servers, and automated workflows, and can define practical guardrails

Experience running or contributing to vendor security assessments and third-party due diligence

Strong written and verbal communication

Business fluent in English

Benefits

Competitive salary and benefits

Stock options, so you own part of what you build

Discretionary performance bonus

The latest tools and technology

A world-class team that will challenge and grow your skills

The opportunity to help build the best fintech app in Latin America

Office Policy: 3-4 days a week in-office

Stop applying to ghosts.

OyaPilot surfaces only verified, real jobs, scores your fit, and tailors your application truthfully.