Backend Engineer, Security

Arta is on an audacious and incredibly rewarding mission: to pave the way for people everywhere to lead more successful financial lives. Arta leverages AI and sophisticated digital tools—once reserved for ultra-high-net-worth individuals—and makes them accessible to a broader global audience. Think of it as your own digital family office, combining intelligent investment strategies, alternative assets, private market access, and smart automation to help you grow and protect your wealth effortlessly. We value trust, teamwork, and adaptability.

As a Backend Engineer - Security, you will play a critical role in protecting sensitive financial data, client assets, and infrastructure from cyber threats. You are responsible for application of the latest security posture management tools, design and implementation of best security practices across the entire system — internal and client-facing application, and cloud infrastructure. You will sit within the core engineering org and collaborate with the CISO (Chief Information Security Officer), CTO, product, devops, and legal/compliance teams.

Application Security

• Monitor and triage security issues discovered by security posture monitoring tools
• Identify and fix vulnerabilities in web/mobile apps
• Perform code reviews and plan penetration testing
• Implement secure development practices (DevSecOps)
• Collaborate with developers to secure new and existing features

Infrastructure & Cloud Security

• Secure cloud deployments
• Set up firewalls, proxies, IAM policies, VPCs, and network monitoring dashboards
• Configure and manage encryption keys and other secrets

Compliance & Risk Management

• Ensure adherence to financial compliance standards (e.g., SOC 2, MAS, GDPR, ISO 27001)
• Conduct risk assessments and audits
• Support documentation and evidence gathering for audits

Security Monitoring & Incident Response

• Monitor systems for suspicious behavior or data breaches
• Set up and tune SIEM tools (like Splunk or Datadog)
• Lead or support incident response (IR) and post-mortem analysis

Data Security & Privacy

• Implement controls for data encryption, tokenization, and access control
• Ensure customer financial data (e.g., KYC, investment info) is protected

Security Awareness & Culture

• Educate the team on phishing, secure coding, and access hygiene
• Define and setup endpoint security policies
• Help foster a “security-first” culture in a fast-moving startup

• At least 6 years of work experience in software or data engineering, ideally in financial services and/or fintech industry
• At least 6 years of hands‑on experience in information security, cybersecurity, or cloud security roles
• Advanced scripting or programming ability in Python, TypeScript, and Bash
• Strong understanding of network security, encryption, authentication, and access control
• Extensive experience with cloud platforms such as AWS/Azure, and preferably GCP, along with cloud-native technologies.
• Experience implementing zero-trust architecture, secrets management (e.g., HashiCorp Vault), and DevSecOps practices
• Familiarity with container and orchestration security (Docker, Kubernetes, Istio)
• Experience conducting or leading threat modeling, penetration testing, or incident response
• Experience with application security practices, such as code scanning (e.g., Snyk, Checkmarx) and OWASP Top 10
• Familiarity with SIEM tools, intrusion detection systems, and endpoint protection
• Ability to implement and maintain identity and access management policies (SSO, MFA, RBAC)
• Understanding of financial regulatory standards such as SOC 2, ISO 27001, PCI-DSS, or GDPR
• Basic knowledge of risk assessment and compliance requirements in a fintech environment
• Strong communication skills with ability to collaborate across engineering, product, and compliance teams
• Ability to explain complex security concepts in simple terms to non-technical stakeholders
• Based in Singapore, or you have plans to relocate

• A competitive salary and benefits package, with ample opportunities for growth and advancement
• A vibrant and dynamic work environment where innovation, collaboration, and continuous learning are highly valued
• The opportunity to work with a diverse and talented team of industry experts, passionate about shaping the future of finance
• Robust health insurance offering for you and your family
• 20 weeks of parental leave
• 15 days PTO annually plus national and company holidays
• Up to SG$75 per month reimbursement for internet