Senior Product Security Engineer, Application Security
AlphaSense
About AlphaSense:
The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content.
The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us!
Location: Remote, USA
About the Role
As an Application Security - Senior Product Security Engineer, you will play a critical role in securing AlphaSense’s cloud-based SaaS products. You will partner with engineering and product teams to embed security best practices into our SDLC, enhance automation across CI/CD, and ensure our customers’ data and insights remain protected. You’ll be a hands-on security engineer who can balance risk reduction with the fast-paced innovation of a global AI-driven technology company.
Key Responsibilities
- Lead application security initiatives across all SaaS products and microservices.
- Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems.
- Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools.
- Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads.
- Drive AppSec awareness and training, developing secure coding practices and guidelines.
- Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices.
- Support bug bounty and vulnerability disclosure programs and coordinate penetration testing.
- Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks.
Required Qualifications
- 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
- Strong understanding of web app and API security, microservices, and containerized architectures
- Experience integrating security tooling into modern CI/CD workflows
- Proficiency with SAST, DAST, IaC scanning, and container security platforms
- Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript).
- Familiarity with AWS security, Kubernetes security, and DevSecOps best practices.
Nice to Have
- Experience in data analytics or AI/ML product environments.
- Prior experience managing or integrating container runtime protection and supply chain security.
- Certifications such as OSWE, OSCP, CSSLP, AWS Security Specialty, or CISSP.
Why Join Us? - Work on cutting-edge security challenges in a fast-growing company.
- Opportunity to shape and drive product security strategy.
- Collaborative and security-minded engineering culture.
- Competitive compensation, benefits, and career growth opportunities.
If you're a hands-on security leader passionate about building secure products, we’d love to hear from you!
For base compensation, we set standard ranges for all roles based on function and level benchmarked against similar stage growth companies and internal comparables. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location. Final offer amounts are determined by multiple factors including candidate experience/expertise and may vary from the amounts listed below.
You may also be offered a performance-based bonus, equity, and a generous benefits program.
AlphaSense is an equal-opportunity employer. We are committed to a work environment that supports, inspires, and respects all individuals. All employees share in the responsibility for fulfilling AlphaSense’s commitment to equal employment opportunity. AlphaSense does not discriminate against any employee or applicant on the basis of race, color, sex (including pregnancy), national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor. This policy applies to every aspect of employment at AlphaSense, including recruitment, hiring, training, advancement, and termination.
In addition, it is the policy of AlphaSense to provide reasonable accommodation to qualified employees who have protected disabilities to the extent required by applicable laws, regulations, and ordinances where a particular employee works.
Recruiting Scams and Fraud
We at AlphaSense have been made aware of fraudulent job postings and individuals impersonating AlphaSense recruiters. These scams may involve fake job offers, requests for sensitive personal information, or demands for payment. Please note:
- AlphaSense never asks candidates to pay for job applications, equipment, or training.
- All official communications will come from an @alpha-sense.com email address.
- If you’re unsure about a job posting or recruiter, verify it on our Careers page.
If you believe you’ve been targeted by a scam or have any doubts regarding the authenticity of any job listing purportedly from or on behalf of AlphaSense please contact us. Your security and trust matter to us.