Senior Application Security Engineer

About AlphaSense:

The world’s most sophisticated companies rely on AlphaSense to remove uncertainty from decision-making. With market intelligence and search built on proven AI, AlphaSense delivers insights that matter from content you can trust. Our universe of public and private content includes equity research, company filings, event transcripts, expert calls, news, trade journals, and clients’ own research content.

The acquisition of Tegus by AlphaSense in 2024 advances our shared mission to empower professionals to make smarter decisions through AI-driven market intelligence. Together, AlphaSense and Tegus will accelerate growth, innovation, and content expansion, with complementary product and content capabilities that enable users to unearth even more comprehensive insights from thousands of content sets. Our platform is trusted by over 6,000 enterprise customers, including a majority of the S&P 500. Founded in 2011, AlphaSense is headquartered in New York City with more than 2,000 employees across the globe and offices in the U.S., U.K., Finland, India, Singapore, Canada, and Ireland. Come join us!

About the Role

AlphaSense is investing in the next generation of our Application Security capability, a continuous, AI-augmented, layered defense program built for a SaaS engineering organization where AI agents and human developers ship code side by side at high velocity. As a Senior AI Application Security Engineer, you will be a senior individual contributor at the center of that program.

You will own the code and pull-request enforcement layer that every change flows through, whether authored by a human or an AI coding agent. You will define and harden the deterministic security gates that make AI-authored code auditably equivalent to human-authored code, and partner directly with engineering teams shipping AI-native and agentic features, including MCP integrations, AI coding assistants, and AI capabilities embedded in our research workflows, so those features are designed, built, and operated securely from the start.

This is a hands-on, build-it role. Not an auditor. Not a dashboard owner. We are looking for a security engineer who writes code, reads pull requests fluently across multiple languages, has personally shipped or integrated with agentic and MCP systems, and treats Application Security as a partnership with engineering rather than a gate to enforce.

You will report to the Director of Application Security within Product Security, and partner closely with our broader Security, Engineering, and GRC teams. This is a foundational hire with a clear path to Staff / Tech Lead as the team grows.

What You'll Own

Continuous Code & PR Security (primary ownership)

Operate and continuously tune the SAST, SCA, secrets-detection, and SBOM pipeline.

Design, ship, and harden the deterministic security gates that make AI-authored PRs auditably equivalent to human-authored ones.

Review human-authored and agent-authored PRs, catching t