Senior Application Security Engineer

Location: Remote, USA

About the Role

As an Application Security - Senior Product Security Engineer, you will play a critical role in securing AlphaSense's cloud-based SaaS products. You will partner with engineering and product teams to embed security best practices into our SDLC, enhance automation across CI/CD, and ensure our customers' data and insights remain protected. You'll be a hands-on security engineer who can balance risk reduction with the fast-paced innovation of a global AI-driven technology company.

Key Responsibilities

• Lead application security initiatives across all SaaS products and microservices.
• Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems.
• Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools.
• Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads.
• Drive AppSec awareness and training, developing secure coding practices and guidelines.
• Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices.
• Support bug bounty and vulnerability disclosure programs and coordinate penetration testing.
• Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks.

Required Qualifications

• 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
• Strong understanding of web app and API security, microservices, and containerized architectures
• Experience integrating security tooling into modern CI/CD workflows
• Proficiency with SAST, DAST, IaC scanning, and container security platforms
• Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript).
• Familiarity with AWS security, Kubernetes security, and DevSecOps best practices.

Nice to Have

• Experience in data analytics or AI/ML product environments.
• Prior experience managing or integrating container runtime protection and supply chain security.
• Certifications such as OSWE, OSCP, CSSLP, AWS Security Specialty, or CISSP.

Why Join Us?

• Work on cutting-edge security challenges in a fast-growing company.
• Opportunity to shape and drive product security strategy.
• Collaborative and security-minded engineering culture.
• Competitive compensation, benefits, and career growth opportunities.

If you're a hands-on security leader passionate about building secure products, we'd love to hear from you!