Senior Security Engineer at Arta Finance

We are redirecting you to the source. If you are not redirected in 3 seconds, please click here.

Senior Security Engineer at Arta Finance. Location Information: Bay Area. . The Company. Arta is on an audacious and incredibly rewarding mission: to pave the way for people everywhere to lead more successful financial lives. Arta leverages AI and sophisticated digital tools—once reserved for ultra-high-net-worth individuals—and makes them accessible to a broader global audience. Think of it as your own digital . family office. , combining intelligent investment strategies, alternative assets, private market access, and smart automation to help you grow and protect your wealth effortlessly. We value trust, teamwork, and adaptability. . The Role. As a Senior Security Engineer, you will play a critical role in protecting sensitive financial data, client assets, and infrastructure from cyber threats. You are responsible for application of the latest security posture management tools, design and implementation of best security practices across the entire system —. internal and client-facing application, and cloud infrastructure. .. . You will collaborate with the CISO (Chief Information Security Officer), CTO, product, devops, and legal/compliance teams. . What You Will Do. Application Security. Monitor and triage security issues discovered by security posture monitoring tools . Identify and fix vulnerabilities in web/mobile apps. Perform code reviews and plan penetration testing. Implement secure development practices (. DevSecOps. ). Collaborate with developers to secure new and existing features. Infrastructure & Cloud Security. Secure cloud deployments . Set up firewalls, proxies, IAM policies, VPCs, and network monitoring dashboards. Configure and manage encryption keys and other secrets. Compliance & Risk Management. Ensure adherence to . financial compliance standards. (e.g., SOC 2, MAS, GDPR, ISO 27001). Conduct risk assessments and audits. Support documentation and evidence gathering for audits. Security Monitoring & . Incident Response. Monitor systems for suspicious behavior or data breaches. Set up and tune . SIEM. tools (like Splunk or Datadog). Lead or support . incident response. (IR) and post-mortem analysis . Data Security & Privacy. Implement controls for . data encryption, tokenization, and access control. Ensure customer financial data (e.g., KYC, investment info) is protected. Security Awareness & Culture. Educate the team on phishing, secure coding, and access hygiene. Define and setup endpoint security policies. Help foster a . “security-first” culture. in a fast-moving startup. Who You Are. 8+ years of work experience in software or data engineering, ideally in financial services and/or fintech industry. At least 5+ years of hands-on experience in information security, cybersecurity, or cloud security roles. Strong understanding of network security, encryption, authentication, and access control. Extensive experience with cloud platforms such as . AWS/Azure. , and preferably . GCP. , along with cloud-native technologies.. Experience implementing . zero-trust architecture. , . secrets management. (e.g., HashiCorp Vault), and . DevSecOps. practices. Advanced scripting or programming ability in . Python, TypeScript, and . Bash. Familiarity with . container and orchestration security. (Docker, Kubernetes, Istio). Experience conducting or leading . threat modeling. , . penetration testing. , or . incident response. Experience with . application security practices. , such as code scanning (e.g., Snyk, Checkmarx) and OWASP Top 10. Familiarity with . SIEM tools. , intrusion detection systems, and endpoint protection. Ability to implement and maintain . identity and access management policies. (SSO, MFA, RBAC). Understanding of . financial regulatory standards. such as . SOC 2. , . ISO 27001. , . PCI-DSS. , or . GDPR. Basic knowledge of risk assessment and compliance requirements in a fintech environment. Strong communication skills with ability to collaborate across engineering, product, and compliance teams. Ability to explain complex security concepts in simple terms to non-technical stakeholders. Authorized to work in the United States. Based in the Bay area, or you have plans to relocate. . Interview Process. Intro call with the Head of Talent, 30m. Technical Interview 1: Coding/Algorithm/Data Structure, 60m. Technical Interview 2: Domain Knowledge and Security System Design with CTO, 60m. Technical Interview 3: General Assessment by CIO/Head of AI Research, 30-45m. Culture & Collaboration Interview with a Product Manager, 30m . .