CrawlJobs Logo
AlphaSense Logo AlphaSense · IT - Software Development

Senior Application Security Engineer

United States 157000.00 - 216000.00 USD / Year · Job Posted December 17, 2025
Apply Position
Job Link Share

Job Description

As an Application Security - Senior Product Security Engineer, you will play a critical role in securing AlphaSense’s cloud-based SaaS products. You will partner with engineering and product teams to embed security best practices into our SDLC, enhance automation across CI/CD, and ensure our customers’ data and insights remain protected. You’ll be a hands-on security engineer who can balance risk reduction with the fast-paced innovation of a global AI-driven technology company.

Job Responsibility

  • Lead application security initiatives across all SaaS products and microservices
  • Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems
  • Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools
  • Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads
  • Drive AppSec awareness and training, developing secure coding practices and guidelines
  • Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices
  • Support bug bounty and vulnerability disclosure programs and coordinate penetration testing
  • Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks

Requirements

  • 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
  • Strong understanding of web app and API security, microservices, and containerized architectures
  • Experience integrating security tooling into modern CI/CD workflows
  • Proficiency with SAST, DAST, IaC scanning, and container security platforms
  • Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript)
  • Familiarity with AWS security, Kubernetes security, and DevSecOps best practices

Nice to have

  • Experience in data analytics or AI/ML product environments
  • Prior experience managing or integrating container runtime protection and supply chain security
  • Certifications such as OSWE, OSCP, CSSLP, AWS Security Specialty, or CISSP

What we offer

  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus
  • Equity
  • Generous benefits program
AlphaSense - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Application Security Engineer

8 matching positions

Senior Application Security Engineer

We’re looking for a senior-level security expert to lead proactive security desi...
Location
Location
Poland , Poland
Salary
Salary:
Not provided
airswift.com Logo
Airswift Sweden
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years in offensive and defensive security roles, with long-term project experience
  • Proven expertise in penetration testing (especially web applications) and threat modelling
  • Strong programming/scripting skills, particularly in Python
  • Deep knowledge in at least one core security domain (e.g., cryptography, secure architecture, authentication)
  • Excellent communication skills in English.
Job Responsibility
Job Responsibility
  • Lead security architecture reviews and conduct in-depth threat modelling for new products and infrastructure
  • Perform hands-on penetration testing and security assessments to uncover and validate vulnerabilities
  • Research emerging threats and develop mitigation strategies to stay ahead of evolving attack vectors
  • Collaborate with engineering teams to embed security into the development lifecycle (DevSecOps).
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

We are seeking an experienced Application Security Engineer to join our team tha...
Location
Location
Egypt , Cairo
Salary
Salary:
Not provided
coca-colahellenic.com Logo
Coca-Cola HBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in information security and 2+ years in software development
  • Bachelor’s degree in computer science, Information Security, or related field, or equivalent
  • At least one Cyber Security related certification, (e.g. ISC2 CISSP, EC-Council CEH, ISACA’s CSX, Microsoft Azure Security Associate, AWS Certified Security Specialty)
  • Any Application Security certification, (e.g. EC-Council CASE, ISC2 CSSLP, OffSec OWSA, GIAC CWAD)
  • Dedicated and proactive, finding opportunities and leading initiatives independently
  • Deep understanding of enterprise, cloud and cloud-native architectures and their secure design
  • Skilled in multiple programming languages (e.g., .NET, JavaScript, Python)
  • Proven expertise in guiding security development and code evaluations and providing actionable, risk-based technical recommendations
  • Knowledge of application security best practices such as OWASP Top 10, OWASP SAMM/DSOMM, OWASP ASVS/MASVS
  • Expertise in network and web protocols (TCP/IP, TLS, HTTPS, OAuth 2.0, OpenID Connect) and common attack vectors
Job Responsibility
Job Responsibility
  • Advance the application security strategy through multi-functional initiatives and cultural influence
  • Lead security initiatives across the SDLC and improve development practices through scalable automation
  • Conduct and guide security requirements and threat modeling early in design phases
  • Partner with product management, platform engineering, development and cyber defense teams to align business goals with security needs
  • Lead security architecture, design and code reviews
  • Perform hands-on security testing to identify risks and drive remediation with development teams
  • Drive software supply chain security practices to ensure protection against code, build, and artifact tampering across the CI/CD pipeline
  • Balance business and security risks through technically grounded, pragmatic recommendations
  • Translate lessons learned into reusable organizational assets that enhance overall security posture
  • Mentor engineers and practitioners, promoting secure-by-default thinking and shared accountability
What we offer
What we offer
  • Coaching and mentoring programs
  • Development opportunities
  • Equal opportunity employer
  • Learning programs
  • Work with iconic brands
  • Supportive team
  • Volunteering Opportunities
  • Wellbeing program
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

We're hiring a Senior Application Security Engineer to join a small, high-levera...
Location
Location
United States , Remote
Salary
Salary:
180000.00 - 210000.00 USD / Year
qualia.com Logo
Qualia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of hands-on experience in application security, offensive security, or security engineering, with demonstrable depth in at least two of: offensive testing, security tooling/automation, and cloud/infra security
  • Strong offensive skills - you can manually exploit real web and API vulnerabilities beyond what a scanner will find, and you can teach others to do the same
  • Deep familiarity with building and operating security tooling in a modern engineering org: SAST/DAST/SCA pipelines, custom detection rules, secrets scanning, and CI/CD security gates. You've written tooling, not just configured it
  • Production experience with AWS (IAM, VPC, networking, data services), containerized workloads (Docker, Kubernetes/EKS), and infrastructure-as-code (Terraform or similar)
  • Comfort reading, reviewing, and contributing code in at least one language common to modern web stacks (Python, Go, Ruby, TypeScript, or similar)
  • Clear, direct communication style. You can make a sharp technical argument to senior engineers, translate risk into business terms for leadership, and write a bug report an engineer actually wants to fix
  • Strong partnership instincts - you get leverage by making other teams faster, not by blocking them
Job Responsibility
Job Responsibility
  • Run offensive assessments against Qualia's applications and infrastructure: manual penetration testing, exploit development, authenticated web/API testing, and adversarial review of new designs before they ship
  • Lead threat modeling and secure design review for the highest-risk initiatives across the company, and mentor engineers to do the same for their own work
  • Own and evolve our AppSec tooling stack end-to-end - SAST, DAST, SCA, secret scanning, IaC scanning, and the CI/CD gates that tie them together. Build the custom rules, detections, and automation that generic tooling doesn't give us
  • Harden our cloud posture: review AWS configurations, IAM policies, Kubernetes/EKS workloads, and networking boundaries
  • build automation and guardrails that prevent the same class of issue from recurring
  • Reduce toil for the team - write the tools, scripts, and integrations that turn a day of triage into a few minutes
  • Partner with Infrastructure and Platform on detection engineering, incident response support, and cross-cutting programs (secrets management, supply chain, runtime security)
  • Set the technical bar for the AppSec team: raise the quality of reviews, establish patterns others can reuse, and mentor peers across seniority levels
  • Represent AppSec in architectural reviews, vendor evaluations, and compliance efforts
What we offer
What we offer
  • comprehensive health plans
  • 401k program
  • commuter benefits
  • professional development
  • parental leave
  • flexible time off policy
  • robust online onboarding program
  • biweekly all hands meetings
  • a variety of internal virtual events to keep employees connected
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

We’re looking for a senior-level security expert to lead proactive security desi...
Location
Location
Poland
Salary
Salary:
Not provided
airswift.com Logo
Airswift Sweden
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years in offensive and defensive security roles, with long-term project experience
  • Proven expertise in penetration testing (especially web applications) and threat modelling
  • Strong programming/scripting skills, particularly in Python
  • Deep knowledge in at least one core security domain (e.g., cryptography, secure architecture, authentication)
  • Excellent communication skills in English
Job Responsibility
Job Responsibility
  • Lead security architecture reviews and conduct in-depth threat modelling for new products and infrastructure
  • Perform hands-on penetration testing and security assessments to uncover and validate vulnerabilities
  • Research emerging threats and develop mitigation strategies to stay ahead of evolving attack vectors
  • Collaborate with engineering teams to embed security into the development lifecycle (DevSecOps)
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

We are hiring an Application Security Engineer to join our Infrastructure & Secu...
Location
Location
United States
Salary
Salary:
170000.00 - 210000.00 USD / Year
onebrief.com Logo
Onebrief
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application Security, Cybersecurity Engineering, Software Engineering or a related field
  • U.S. citizenship required
  • A strong understanding of Linux, containerization and orchestration, and virtual machines
  • Networking fundamentals: core protocols and secure configurations
  • A deep understanding of incident response processes
  • Clear, concise writing
  • strong documentation habits and async communication
  • Core skills and technologies: Javascript/Browser security, Network Security, Firewalls, Intrusion Detection, Static Analysis, Dynamic Analysis, Container Scanning, Kubernetes, Docker, Helm, Ansible, Terraform, Linux, AWS, DoD compliance, Monitoring and Observability tools
  • 5+ years experience in Cybersecurity, Software Engineering and/or DevOps
  • Familiarity with DevOps practices, CI/CD
Job Responsibility
Job Responsibility
  • Find Vulnerabilities in our Software: Bring an attacker’s mindset to review PRs, perform code audits, and utilize static analysis to identify vulnerable code patterns
  • Fix Vulnerabilities Across the Full Stack: Think like an adversary to find, fix, prevent or patch vulnerabilities from browser to kernel
  • Improve the Security Posture of Infrastructure: Review identity and access management, logging, auditing, monitoring to help craft a layered defense
  • Make the Team Stronger: Mentor other engineers on best security practices, share news of vulnerable libraries and compromises, engage with community on active threats and trends
What we offer
What we offer
  • Equity: Share in the company's success
  • Flexible Work Environment: Remote-first organization* with flexible work hours and unlimited PTO
  • Comprehensive Health Coverage: Health, dental, vision, and life insurance
  • Retirement Plan: 401(k) plan with company match
  • Parental Leave: 8 weeks at 100% regardless of state
  • Company Retreats: Annual company summit trips
  • Home Office Budget: $1,000 per year for home office improvements
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

This is one of our most critical roles, and it’s the first dedicated AppSec hire...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
wetravel.com Logo
WeTravel
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience securing SaaS product environments
  • Experience in cloud native and containerized environments
  • Strong CI/CD experience
  • Ability to read and review code (you do not need to write application code for us day to day)
  • Experience working with software engineers
  • Hands on security engineering experience with strong ownership and delivery
Job Responsibility
Job Responsibility
  • Work closely with the Platform team to improve security across infrastructure
  • Work closely with product engineering teams to analyze code for vulnerabilities
  • Build CI/CD automation to find security issues automatically
  • Analyze what we have today, find gaps, take ownership, and execute on improvements
  • Help shift engineering mindset to be more security focused, without blocking development
What we offer
What we offer
  • Competitive salary
  • Generous "Time to Recharge" policy — enjoy unlimited paid time off to rest, recharge, and show up as your best self
  • Work remotely for a maximum of 4 weeks per calendar year
  • 2-week cross-functional onboarding program
  • Cycle-to-work scheme (Swapfiets subscription) or commuting reimbursement
  • Tuesday team lunches and after-work social events
  • Beautiful office in central Amsterdam – rooftop garden and right by Rokin metro
  • Extensive paid family leave
  • Three paid volunteer days per year — take time to give back to causes you care about, on us
  • Cutting-edge equipment and tools to set you up for success
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

In your role as a Senior Application Security Engineer, you are responsible for ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
resmed.com Logo
ResMed
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science or related field
  • Minimum of 5 years of experience in application security, software development, or related field
  • Expertise in Securing Software Development Lifecycles
  • Expertise in one or more high-level programming languages, e.g., Java, C#, Python, etc.
  • Expertise in application-level attacks and defenses, e.g., OWASP Top 10, SANS Top 25, etc.
  • Experience with AI application security concepts e.g. OWASP Top 10 for LLM applications, etc.
  • Experience with AppSec tooling such as SAST, DAST, IAST, RASP, etc.
  • Experience working with DevOps, Agile, Scrum, Kanban methodologies
  • Experience with AWS cloud services such as WAF, EC2, S3, Lambda, VPC, CloudWatch, CloudTrail, EKS, ECS, KMS, IAM, RDS
Job Responsibility
Job Responsibility
  • Enable development teams to develop secure applications
  • Operation and support of code scanning tools, e.g., Wiz and Checkmarx
  • Supporting development teams to triage findings and enable self-service
  • Ensuring code scanning tools integrate seamlessly into the current software development lifecycle with minimal friction e.g. Github actions as a part of existing shared CICD workflows
  • Oversee the design, implementation, and management of the infrastructure and tooling necessary to support all security aspects of continuous integration, continuous delivery, and continuous deployment (CI/CD) pipelines
  • Collaborate with key stakeholders to identify opportunities for automation, process improvement, and tool optimization
  • Research and implement new technologies to improve and grow secure development (e.g. applications, systems, outsources services)
  • Maintain operational guidelines, diagrams, and documentation for secure development
  • Work closely with the developer experience team to integrate security automation into the development process
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

The Security team at Zip is responsible for protecting the confidentiality and i...
Location
Location
United States , San Francisco
Salary
Salary:
160000.00 - 220000.00 USD / Year
ziphq.com Logo
Zip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience writing production-quality code for security tooling and services
  • Strong written and verbal communication with internal and external stakeholders
  • A solid understanding of security risks and the ability to balance security with business requirements
  • Experience with web applications, APIs, and cloud environments. At Zip, our stack includes Python, React, GraphQL, Kubernetes, and AWS
Job Responsibility
Job Responsibility
  • Design and implement technical controls to eliminate or mitigate classes of security vulnerabilities
  • Support the development of secure products through design reviews, threat models, static/dynamic scans, and hands-on security assessments
  • Validate, triage, and coordinate security findings from bug bounty and third party pentests
  • Mentor security analysts and security champions on security best practices and techniques
What we offer
What we offer
  • Start-up equity
  • Full health, vision & dental coverage
  • Catered lunches & dinners for SF employees
  • Commuter benefit
  • Team building events & happy hours
  • Flexible PTO
  • Apple equipment plus home office budget
  • 401k plan
  • Fulltime
Read More
Arrow Right