
Senior Application Security Engineer Remote

Remote / Online - Candidates ideally in
New York, New York County, New York, 10261, USA
Listing for: AlphaSense, Inc.
Remote/Work from Home position
Listed on 2026-06-06
Job specializations:
  • IT/Tech
    Cybersecurity, AI Engineer, Systems Engineer, Security Manager
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly
Job Description & How to Apply Below
Position: Senior Application Security Engineer New Remote - United States
Location: New York

About the Role

AlphaSense is investing in the next generation of our Application Security capability, a continuous, AI-augmented, layered defense program built for a SaaS engineering organization where AI agents and human developers ship code side by side at high velocity. As a Senior AI Application Security Engineer, you will be a senior individual contributor at the center of that program.

You will own the code and pull-request enforcement layer that every change flows through, whether authored by a human or an AI coding agent. You will define and harden the deterministic security gates that make AI-authored code auditably equivalent to human-authored code, and partner directly with engineering teams shipping AI-native and agentic features, including MCP integrations, AI coding assistants, and AI capabilities embedded in our research workflows, so those features are designed, built, and operated securely from the start.

This is a hands‑on, build‑it role. Not an auditor. Not a dashboard owner. We are looking for a security engineer who writes code, reads pull requests fluently across multiple languages, has personally shipped or integrated with agentic and MCP systems, and treats Application Security as a partnership with engineering rather than a gate to enforce.

You will report to the Director of Application Security within Product Security, and partner closely with our broader Security, Engineering, and GRC teams. This is a foundational hire with a clear path to Staff / Tech Lead as the team grows.

What You'll Own

Continuous Code & PR Security (primary ownership)

  • Operate and continuously tune the SAST, SCA, secrets‑detection, and SBOM pipeline.
  • Design, ship, and harden the deterministic security gates that make AI‑authored PRs auditably equivalent to human‑authored ones.
  • Review human‑authored and agent‑authored PRs, catching the semantic violations static analysis misses. Co‑submit AI‑generated patch proposals so human effort scales as review‑and‑merge, not authorship.
  • Drive findings to closure at the class level: fix a token‑handling bug once at the platform layer and watch it propagate.

Agentic & AI Security

  • Own how we secure AI‑assisted development:
    Claude Code, Cursor, Copilot, MCP servers, agent‑authored PRs, sub‑agents handling rebases and CI fixes.
  • Author and roll out our AI‑Assisted Development Security policy: prompt injection defense, MCP scope and credential governance, agent credential inheritance, secret leakage to agent logs, agent‑action audit attribution.
  • Partner with harness engineering on agent scope declarations, agent identity registration, and the verification hooks that distinguish agent‑initiated actions from human‑initiated ones in the audit stream.
  • Threat model new AI features, agent gateway, MCP connector architecture, AI workflows in the research platform, and ship the controls.
  • Scale the threat modeling framework. Pilot with the highest‑risk teams, then make it standard for new features and architectural changes.
  • Partner with the product security team to build a security training program engineers actually use: secure coding patterns, authentication and authorization fundamentals, prompt injection awareness, how to engage Product Security on a design.
  • Embed testable security acceptance criteria, agent scope declarations, and verification hooks into the PRD template so services declare their security posture at design time.

Layered Security

  • Continuous Security Testing is a five‑layer model:
    Code (yours), Infrastructure & Contract, Behavioral Intelligence, Adversarial Simulation, and Data Segmentation. You won’t operate all five, but you’ll integrate tightly with the teams that do and ensure your Layer 1 signal is consumable by Layers 2‑5 and by GRC for compliance evidence.

Detection‑to‑Response Velocity

  • Drive MTTR on critical findings under 24 hours, finding precision above 95%, and recurring named classes trending to zero quarter over quarter.
  • Support DAST deployment, the API pen test program, and the customer‑facing security posture dashboard.
  • Coordinate penetration testing, bug bounty intake, and partner threat‑intel feeds, translating external attack‑pattern disclosures into…
Position Requirements
10+ Years work experience