arq - Security Engineer

• 4–7 years in information security, ideally having built or significantly shaped the security function at a startup or high-growth company - you've been the person who sets things up, not just maintains them • Hands-on experience with cloud infrastructure security (AWS, Kubernetes) • Working knowledge of SIEM platforms and detection engineering - you've written detection rules, not just consumed alerts • Familiarity with application security practices: threat modelling, secure code review, CI/CD pipeline hardening, and API security testing • Experience with endpoint security tooling (EDR/XDR) and identity & access management in a SaaS-heavy environment (Google Workspace, Okta/Cloudflare Access, SSO/SCIM) • Ability to assess and secure emerging AI/agentic tooling - you understand the risks of LLM integrations, MCP servers, and automated workflows, and can define practical guardrails • Experience running or contributing to vendor security assessments and third-party due diligence • Strong written and verbal communication • Business fluent in English; Spanish or Portuguese a plus