Senior Security Engineer at ARQ Finance answer
Is this job still open?
GMI Jobs is currently showing this Senior Security Engineer role at ARQ Finance as an active listing from employer-controlled hiring sources. Always confirm final availability on the employer application page before applying.
How do I apply for this role?
Use the application link on this page to apply directly with ARQ Finance. GMI Jobs keeps the canonical job page, company context, and market links together so candidates can compare before leaving the site.
What should I compare before applying?
Compare the role location São Paulo, any listed pay signal, company profile, related crypto jobs, and salary context before applying. Listed pay signals are not guaranteed offers; confirm compensation with the employer.
Job Description
<h1><strong>About ARQ</strong></h1><p style="min-height:1.5em">ARQ is one of the fastest-growing fintechs in the world. Our mission is to redefine how people interact with money across borders, building the infrastructure to move value seamlessly. We’re still early in our journey, which means every person who joins shapes the future of our product, culture, and growth. If you’re excited by big challenges, global impact, and the chance to grow fast with a world-class team, ARQ is the place to do it.</p><p style="min-height:1.5em"></p><h1>What you'll do</h1><ul style="min-height:1.5em"><li><p style="min-height:1.5em">Build and improve SIEM detection rules, alert pipelines, and automated response playbooks (Datadog SIEM, CrowdStrike, Cloudflare)</p></li><li><p style="min-height:1.5em">Contribute to incident response readiness, including IR playbooks, tabletop exercises, and forensic procedures</p></li><li><p style="min-height:1.5em">Support DLP strategy and data protection controls across Google Workspace, Slack, and internal tooling</p></li><li><p style="min-height:1.5em">Conduct cloud security assessments across AWS and Kubernetes environments</p></li><li><p style="min-height:1.5em">Drive application security initiatives: threat modelling, secure code review support, API testing, and security pipeline improvements</p></li><li><p style="min-height:1.5em">Assess and secure AI/agentic workflows across the company — reviewing prompts, preventing destructive actions, and controlling data exposure</p></li><li><p style="min-height:1.5em">Establish and run the vendor security assessment process — building a scalable due diligence framework for third-party onboarding</p></li></ul><p style="min-height:1.5em"></p><h1>What you'll need</h1><ul style="min-height:1.5em"><li><p style="min-height:1.5em">4–7 years in information security, ideally having built or significantly shaped the security function at a startup or high-growth company - you've been the person who sets things up, not just maintains them</p></li><li><p style="min-height:1.5em">2+ years at a regulated fintech/bank/payment company</p></li><li><p style="min-height:1.5em">Hands-on experience with cloud infrastructure security (AWS, Kubernetes)</p></li><li><p style="min-height:1.5em">Working knowledge of SIEM platforms and detection engineering - you've written detection rules, not just consumed alerts</p></li><li><p style="min-height:1.5em">Familiarity with application security practices: threat modelling, secure code review, CI/CD pipeline hardening, and API security testing</p></li><li><p style="min-height:1.5em">Experience with endpoint security tooling (EDR/XDR) and identity & access management in a SaaS-heavy environment (Google Workspace, Okta/Cloudflare Access, SSO/SCIM)</p></li><li><p style="min-height:1.5em">Ability to assess and secure emerging AI/agentic tooling - you understand the risks of LLM integrations, MCP servers, and automated workflows, and can define practical guardrails</