Backend Engineer, Security

The Company

Arta is on an audacious and incredibly rewarding mission: to pave the way for people everywhere to lead more successful financial lives.  Arta leverages AI and sophisticated digital tools—once reserved for ultra-high-net-worth individuals—and makes them accessible to a broader global audience. Think of it as your own digital family office, combining intelligent investment strategies, alternative assets, private market access, and smart automation to help you grow and protect your wealth effortlessly.  We value trust, teamwork, and adaptability. 

The Role

As a Backend Engineer - Security, you will play a critical role in protecting sensitive financial data, client assets, and infrastructure from cyber threats.  You are responsible for application of the latest security posture management tools, design and implementation of best security practices across the entire system — internal and client-facing application, and cloud infrastructure.   You will sit within the core engineering org and collaborate with the CISO (Chief Information Security Officer), CTO, product, devops, and legal/compliance teams. 

What You Will Do

Application Security

• Monitor and triage security issues discovered by security posture monitoring tools 

• Identify and fix vulnerabilities in web/mobile apps

• Perform code reviews and plan penetration testing

• Implement secure development practices (DevSecOps)

• Collaborate with developers to secure new and existing features

Infrastructure & Cloud Security

• Secure cloud deployments  

• Set up firewalls, proxies, IAM policies, VPCs, and network monitoring dashboards

• Configure and manage encryption keys and other secrets

Compliance & Risk Management

• Ensure adherence to financial compliance standards (e.g., SOC 2, MAS, GDPR, ISO 27001)

• Conduct risk assessments and audits
  Support documentation and evidence gathering for audits

Security Monitoring & Incident Response

• Monitor systems for suspicious behavior or data breaches

• Set up and tune SIEM tools (like Splunk or Datadog)

• Lead or support incident response (IR) and post-mortem analysis

Data Security & Privacy

• Implement controls for data encryption, tokenization, and access control

• Ensure customer financial data (e.g., KYC, investment info) is protected

Security Awareness & Culture

• Educate the team on phishing, secure coding, and access hygiene

• Define and setup endpoint security policies

• Help foster a “security-first” culture in a fast-moving startup

Who You Are

• At least 6 years of work experience in software or data engineering, ideally in financial services and/or fintech industry

• At least 6 years of hands-on experience in information security, cybersecurity, or cloud security roles

• Advanced scripting or programming ability in Python, TypeScript, and Bash

• Strong understanding of network security, encryption, authentication, and access control

• Extensive experience with cloud platforms such as AWS/Azure, and preferably GCP, along with cloud-native technologies.

• Experience implementing zero-trust architecture, secrets management (e.g., HashiCorp Vault), and DevSecOps practices

• Familiarity with container and orchestration security (Docker, Kubernetes, Istio)
  Experience conducting or leading threat modeling, penetration testing, or incident response

• Experience with application security practices, such as code scanning (e.g., Snyk, Checkmarx) and OWASP Top 10

• Familiarity with SIEM tools, intrusion detection systems, and endpoint protection

• Ability to implement and maintain identity and access management policies (SSO, MFA, RBAC)

• Understanding of financial regulatory standards such as SOC 2, ISO 27001, PCI-DSS, or GDPR

• Basic knowledge of risk assessment and compliance requirements in a fintech environment

• Strong communication skills with ability to collaborate across engineering, product, and compliance teams

• Ability to explain complex security concepts in simple terms to non-technical stakeholders

• Based in Singapore, or you have plans to relocate

Interview Process

• Intro call with the Head of Talent, 30m

• Technical  Interview 1: Coding/Scripting, 60m

• Technical Interview 2: Security System Design, 60m

• Technical Interview 3: Domain Knowledge with CISO in NYC, 60m

• CEO Interview with Caesar Sengupta, 30m

There will be at least one in-person interview before making our offer decision.

Interview Integrity Notice
To ensure a fair and accurate assessment, candidates are expected to complete all interview exercises independently, without the use of external assistance or AI tools. Arta may, with your consent, request that you share your full screen during technical portions of the interview to verify your work environment. Interviewers may also, with your consent, ask you to temporarily disable virtual backgrounds or filters to confirm your identity and maintain interview integrity. These steps are voluntary, used only for real-time verification, and do not involve recording, storing, or accessing any information beyond what you choose to display during the session.

What We Offer

• A competitive salary and benefits package, with ample opportunities for growth and advancement

• A vibrant and dynamic work environment where innovation, collaboration, and continuous learning are highly valued

• The opportunity to work with a diverse and talented team of industry experts, passionate about shaping the future of finance

• Robust health insurance offering for you and your family

• High deductible health plan available with health savings account contribution

• 20 weeks of parental leave

• 17 days PTO annually plus national and company holidays