Search...

Senior Security Engineer

ARQ logo
ARQ

ARQ (formerly DolarApp) is a modern finance app that gives travelers, investors, and professionals access to global assets and currencies. It offers digital dollars and euros at real market rates, a borderless cashback card, international payments, and investment access to stocks and ETFs.

Distributed
About ARQ

ARQ, rebranded from DolarApp, is a fintech platform aimed at making global finance accessible to travelers, investors, and professionals, primarily serving users in Mexico and Latin America. Its core offerings include converting local currency into digital dollars (USDc) and digital euros (EURc) at real market exchange rates without hidden fees, a global card offering competitive conversion rates and cashback for spending at home or abroad, and the ability to receive and send international payments (from the US and Europe) using personal account details instead of traditional remittance services. The platform also provides earnings accounts and access to leading global stocks and ETFs so users can invest and grow their wealth across markets. ARQ states it serves over 2 million people worldwide who manage their finances through the app, with app store ratings of 4.7/5 and 4.6/5.

View jobs by ARQ

Skills

About the Role

You will build and improve SIEM detection rules, alert pipelines, and automated response playbooks using tools like Datadog SIEM, CrowdStrike, and Cloudflare. You will contribute to incident response readiness, including IR playbooks, tabletop exercises, and forensic procedures. You will support data loss prevention strategy and data protection controls across Google Workspace, Slack, and internal tooling. You will conduct cloud security assessments across AWS and Kubernetes environments. You will drive application security initiatives including threat modelling, secure code review support, API testing, and security pipeline improvements. You will assess and secure AI and agentic workflows across the company, reviewing prompts, preventing destructive actions, and controlling data exposure. You will also establish and run the vendor security assessment process, building a scalable due diligence framework for third-party onboarding.

Requirements

  • 4–7 years in information security, ideally having built or significantly shaped the security function at a startup or high-growth company
  • 2+ years at a regulated fintech/bank/payment company
  • Hands-on experience with cloud infrastructure security (AWS, Kubernetes)
  • Working knowledge of SIEM platforms and detection engineering
  • Familiarity with application security practices: threat modelling, secure code review, CI/CD pipeline hardening, and API security testing
  • Experience with endpoint security tooling (EDR/XDR) and identity & access management in a SaaS-heavy environment (Google Workspace, Okta/Cloudflare Access, SSO/SCIM)
  • Ability to assess and secure emerging AI/agentic tooling, understanding risks of LLM integrations, MCP servers, and automated workflows
  • Experience running or contributing to vendor security assessments and third-party due diligence
  • Strong written and verbal communication
  • Business fluent in English

Responsibilities

  • Build and improve SIEM detection rules, alert pipelines, and automated response playbooks
  • Contribute to incident response readiness, including IR playbooks, tabletop exercises, and forensic procedures
  • Support DLP strategy and data protection controls across Google Workspace, Slack, and internal tooling
  • Conduct cloud security assessments across AWS and Kubernetes environments
  • Drive application security initiatives including threat modelling, secure code review support, API testing, and security pipeline improvements
  • Assess and secure AI/agentic workflows across the company by reviewing prompts, preventing destructive actions, and controlling data exposure
  • Establish and run the vendor security assessment process and build a scalable due diligence framework for third-party onboarding

Benefits

  • Stock options
  • Discretionary performance bonus
  • The latest tools and technology