opengreenhousesggc
Senior Application Security Engineer
AlphaSense
LocationRemote - United States
WorkplaceFull
Last observed2026-06-13 05:25:16.463954
Job idsggc-alphasense:greenhouse:8538758002
About AlphaSense: The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content. The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us! About the Role AlphaSense is investing in the next generation of our Application Security capability, a continuous, AI-augmented, layered defense program built for a SaaS engineering organization where AI agents and human developers ship code side by side at high velocity. As a Senior AI Application Security Engineer, you will be a senior individual contributor at the center of that program. You will own the code and pull-request enforcement layer that every change flows through, whether authored by a human or an AI coding agent. You will define and harden the deterministic security gates that make AI-authored code auditably equivalent to human-authored code, and partner directly with engineering teams shipping AI-native and agentic features, including MCP integrations, AI coding assistants, and AI capabilities embedded in our research workflows, so those features are designed, built, and operated securely from the start. This is a hands-on, build-it role. Not an auditor. Not a dashboard owner. We are looking for a security engineer who writes code, reads pull requests fluently across multiple languages, has personally shipped or integrated with agentic and MCP systems, and treats Application Security as a partnership with engineering rather than a gate to enforce. You will report to the Director of Application Security within Product Security, and partner closely with our broader Security, Engineering, and GRC teams. This is a foundational hire with a clear path to Staff / Tech Lead as the team grows. What You'll Own Continuous Code & PR Security (primary ownership) Operate and continuously tune the SAST, SCA, secrets-detection, and SBOM pipeline. Design, ship, and harden the deterministic security gates that make AI-authored PRs auditably equivalent to human-authored ones. Review human-authored and agent-authored PRs, catching the semantic violations static analysis misses. Co-submit AI-generated patch proposals so human effort scales as review-and-merge, not authorship. Drive findings to closure at the class level, fix a token-handling bug once at the platform layer and watch it propagate. Agentic & AI Security Own how we secure AI-assisted development: Claude Code, Cursor, Copilot, MCP servers, agent-authored PRs, sub-agents handling rebases and CI fixes. Author and roll out our AI-Assisted Development Security policy: prompt injection defense, MCP scope and credential governance, agent credential inheritance, secret leakage to agent logs, agent-action audit attribution. Partner with harness engineering on agent scope declarations, agent identity registration, and the verification hooks that distinguish agent-initiated actions from human-initiated ones in the audit stream. Threat model new AI features , agent gateway, MCP connector architecture, AI workflows in the research platform , and ship the controls. Threat Modeli
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.