Senior Application Security Engineer
About the role
AlphaSense is investing in the next generation of our Application Security capability: a continuous, AI-augmented, layered defense program built for a SaaS engineering organization where AI agents and human developers ship code side by side at high velocity. As a Senior AI Application Security Engineer, you will be a senior individual contributor at the center of that program.
You will own the code and pull-request enforcement layer that every change flows through, whether authored by a human or an AI coding agent. You will define and harden the deterministic security gates that make AI-authored code auditably equivalent to human-authored code, and partner directly with engineering teams shipping AI-native and agentic features, including MCP integrations, AI coding assistants, and AI capabilities embedded in our research workflows, so those features are designed, built, and operated securely from the start.
This is a hands-on, build-it role. Not an auditor. Not a dashboard owner. We are looking for a security engineer who writes code, reads pull requests fluently across multiple languages, has personally shipped or integrated with agentic and MCP systems, and treats Application Security as a partnership with engineering rather than a gate to enforce.
You will report to the Director of Application Security within Product Security, and partner closely with our broader Security, Engineering, and GRC teams. This is a foundational hire with a clear path to Staff / Tech Lead as the team grows.
What You'll Own
- Continuous Code & PR Security (primary ownership)
  - Operate and continuously tune the SAST, SCA, secrets-detection, and SBOM pipeline.
  - Design, ship, and harden the deterministic security gates that make AI-authored PRs auditably equivalent to human-authored ones.
  - Review human-authored and agent-authored PRs, catching the semantic violations static analysis misses. Co-submit AI-generated patch proposals so human effort scales as review-and-merge, not authorship.
  - Drive findings to closure at the class level: fix a token-handling bug once at the platform layer and watch it propagate.
- Agentic & AI Security
  - Own how we secure AI-assisted development: Claude Code, Cursor, Copilot, MCP servers, agent-authored PRs, sub-agents handling rebases and CI fixes.
  - Author and roll out our AI-Assisted Development Security policy: prompt injection defense, MCP scope and credential governance, agent credential inheritance.