Sr. Application Security Engineer

Who We Are

Addepar is a global data and AI platform empowering investment professionals to turn complex financial information into actionable intelligence. Addepar unifies portfolio, market and client data in a total portfolio view and delivers AI-powered insights within investment and client workflows. More than 1,400 firms in nearly 60 countries use Addepar to manage and advise on nearly $9 trillion in assets. Its open platform integrates with nearly 650 software, data and consulting partners to power end-to-end investment operations across firms of all sizes and complexity. Addepar supports clients worldwide with offices in New York City, Salt Lake City, London, Edinburgh, Pune, Dubai, Geneva and São Paulo.

The Role

Join Addepar’s Application Security team as a Senior Application Security Engineer focused on embedding security deeply into our development lifecycle by building, automating, and maintaining security controls at scale. This role will also work on pushing AI initiatives forward and defining how our engineering teams securely implement AI, while simultaneously integrating wider workflows into our own security processes. If you are passionate about secure coding, automation and the frontier of AI security, we want you on our team.

Applicants must have, and maintain, the right to work in the United Kingdom from the first day of employment. Please note that visa sponsorship is not available for this role.

What You’ll Do

You will design, implement, and enforce security guardrails and best practices for how other engineering teams utilise AI tools and features

Oversee and optimize our security scanning ecosystem across all repositories, including SAST, SCA, and container security using GitHub Advanced Security, CodeQL, and similar tools

Push our internal team’s capabilities forward by identifying where and how to integrate AI into our daily workflows to build smarter, more efficient security tools

Maintain and refine our PR security review processes, managing blocking PRs and enhancing custom internal tooling that flags dangerous or high-risk code changes for security review

Partner with engineering teams to deliver secure business outcomes and measure impact through coverage, prevention, and response metrics

Participate in design reviews and security assessments, producing clear and actionable assessment reports

Who You Are

You have experience in application security with hands-on integrating security into SDLC at scale

You have a deep understanding and experience across GitHub CI/CD use and best practices

You have extensive experience with Python, and a solid familiarity with Java and JavaScript

You are curious and forward-thinking about the AI security landscape. While you don't need to be an AI expert, you are aware of how LLMs integrate with tools (Skills, MCPs, agents and identities), and keep up-to-date with security developments in the AI space

You have sharp analytical and critical thinking skills, allowing you