<p>Location: Remote, USA</p> <p>About the Role</p> <p>As an Application Security - Senior Product Security Engineer, you will play a critical role in securing AlphaSense's cloud-based SaaS products. You will partner with engineering and product teams to embed security best practices into our SDLC, enhance automation across CI/CD, and ensure our customers' data and insights remain protected. You'll be a hands-on security engineer who can balance risk reduction with the fast-paced innovation of a global AI-driven technology company.</p> <p>Key Responsibilities</p> <ul> <li>Lead application security initiatives across all SaaS products and microservices. </li><li>Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems. </li><li>Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools. </li><li>Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads. </li><li>Drive AppSec awareness and training, developing secure coding practices and guidelines. </li><li>Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices. </li><li>Support bug bounty and vulnerability disclosure programs and coordinate penetration testing. </li><li>Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks. </li></ul> <p>Required Qualifications</p> <ul> <li>5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment </li><li>Strong understanding of web app and API security, microservices, and containerized architectures </li><li>Experience integrating security tooling into modern CI/CD workflows </li><li>Proficiency with SAST, DAST, IaC scanning, and container security platforms </li><li>Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript). </li><li>Familiarity with AWS security, Kubernetes security, and DevSecOps best practices. </li></ul> <p>Nice to Have</p> <ul> <li>Experience in data analytics or AI/ML product environments. </li><li>Prior experience managing or integrating container runtime protection and supply chain security. </li><li>Certifications such as OSWE, OSCP, CSSLP, AWS Security Specialty, or CISSP. </li></ul> <p>Why Join Us?</p> <ul> <li>Work on cutting-edge security challenges in a fast-growing company. </li><li>Opportunity to shape and drive product security strategy. </li><li>Collaborative and security-minded engineering culture. </li><li>Competitive compensation, benefits, and career growth opportunities. </li></ul> <p>If you're a hands-on security leader passionate about building secure products, we'd love to hear from you!</p>