Skip to content

Security Engineer

ARQSão Paulo, SP, BrazilJuly 8, 2026
Hybrid
Full-time
Security Engineering
Mid · 2–4 yrs

About ARQ

ARQ is one of the fastest-growing fintechs in the world. Our mission is to redefine how people interact with money across borders, building the infrastructure to move value seamlessly. We're still early in our journey, which means every person who joins shapes the future of our product, culture, and growth. If you're excited by big challenges, global impact, and the chance to grow fast with a world-class team, ARQ is the place to do it.

What you'll do

  • Build and maintain SIEM detection rules, alert pipelines, and response playbooks (Datadog SIEM, CrowdStrike, Cloudflare), owning detection coverage for a defined set of systems end-to-end

  • Support incident response: triage alerts, execute IR playbooks, and help run tabletop exercises

  • Help operate DLP and data protection controls across Google Workspace, Slack, and internal tooling – owning day-to-day monitoring and tuning

  • Conduct cloud security assessments across AWS and Kubernetes environments under the guidance of senior team members

  • Support application security work: threat modelling sessions, secure code review, API security testing, and CI/CD pipeline checks

  • Help review and monitor AI/agentic workflows for prompt risks, unsafe automated actions, and data exposure

  • Execute vendor security assessments using the established due diligence framework, owning the review process for a portion of the vendor pipeline

What you'll need

  • 2–4 years in information security or a closely related technical role (security operations, cloud/infra engineering with a security focus, or similar)

  • Working experience with at least one cloud environment (AWS preferred) and familiarity with Kubernetes fundamentals

  • Exposure to SIEM platforms and an interest in detection engineering – you've written or tuned at least a few detection rules

  • Basic familiarity with application security concepts: threat modelling, secure code review, or API security testing

  • Some experience with endpoint security tooling (EDR/XDR) or identity & access management in a SaaS environment (Google Workspace, Okta/Cloudflare Access, SSO)

  • Curiosity about AI/agentic tooling risks (LLM integrations, MCP servers, automated workflows) – prior hands-on experience is a plus, not required

  • Strong written and verbal communication

  • Business fluent in English

Benefits

  • Competitive salary and benefits

  • Stock options, so you own part of what you build

  • Discretionary performance bonus

  • The latest tools and technology

  • A world-class team that will challenge and grow your skills

  • The opportunity to help build the best fintech app in Latin America

  • Office Policy: 3-4 days a week in-office

Job Details

Experience

Mid · 2–4 yrs

Tools & Tech

AWS
Cloudflare
CrowdStrike
Datadog
Kubernetes
Okta
Slack