Search...

Security Engineer

ARQ logo
ARQ

ARQ (formerly DolarApp) is a modern finance app that gives travelers, investors, and professionals access to global assets and currencies. It offers digital dollars and euros at real market rates, a borderless cashback card, international payments, and investment access to stocks and ETFs.

Distributed
About ARQ

ARQ, rebranded from DolarApp, is a fintech platform aimed at making global finance accessible to travelers, investors, and professionals, primarily serving users in Mexico and Latin America. Its core offerings include converting local currency into digital dollars (USDc) and digital euros (EURc) at real market exchange rates without hidden fees, a global card offering competitive conversion rates and cashback for spending at home or abroad, and the ability to receive and send international payments (from the US and Europe) using personal account details instead of traditional remittance services. The platform also provides earnings accounts and access to leading global stocks and ETFs so users can invest and grow their wealth across markets. ARQ states it serves over 2 million people worldwide who manage their finances through the app, with app store ratings of 4.7/5 and 4.6/5.

View jobs by ARQ

Skills

About the Role

You'll build and maintain SIEM detection rules, alert pipelines, and response playbooks, owning detection coverage for a defined set of systems end-to-end. You'll support incident response by triaging alerts, executing IR playbooks, and helping run tabletop exercises. You'll help operate DLP and data protection controls across Google Workspace, Slack, and internal tooling, owning day-to-day monitoring and tuning. You'll conduct cloud security assessments across AWS and Kubernetes environments under the guidance of senior team members. You'll support application security work including threat modelling sessions, secure code review, API security testing, and CI/CD pipeline checks. You'll help review and monitor AI/agentic workflows for prompt risks, unsafe automated actions, and data exposure. You'll also execute vendor security assessments using an established due diligence framework, owning the review process for a portion of the vendor pipeline.

Requirements

  • 2–4 years in information security or a closely related technical role
  • 2+ years at a regulated fintech/bank/payment company
  • Working experience with at least one cloud environment (AWS preferred) and familiarity with Kubernetes fundamentals
  • Exposure to SIEM platforms and an interest in detection engineering
  • Basic familiarity with application security concepts: threat modelling, secure code review, or API security testing
  • Some experience with endpoint security tooling (EDR/XDR) or identity & access management in a SaaS environment (Google Workspace, Okta/Cloudflare Access, SSO)
  • Curiosity about AI/agentic tooling risks (LLM integrations, MCP servers, automated workflows)
  • Strong written and verbal communication
  • Business fluent in English

Responsibilities

  • Build and maintain SIEM detection rules, alert pipelines, and response playbooks
  • Own detection coverage for a defined set of systems end-to-end
  • Support incident response: triage alerts, execute IR playbooks, and help run tabletop exercises
  • Help operate DLP and data protection controls across Google Workspace, Slack, and internal tooling
  • Conduct cloud security assessments across AWS and Kubernetes environments
  • Support application security work: threat modelling sessions, secure code review, API security testing, and CI/CD pipeline checks
  • Review and monitor AI/agentic workflows for prompt risks, unsafe automated actions, and data exposure
  • Execute vendor security assessments using the established due diligence framework

Benefits

  • Stock options
  • Discretionary performance bonus
  • The latest tools and technology