Alphasense

Alphasense

Alphasense is a global leader in providing high-quality gas sensors and air quality monitors to industrial OEMs. With over 25 years of experience, the company offers a wide range of innovative gas sensor technologies for various applications, including...

Industrial Conglomerates
51-250
Founded 1996

Description

  • Own the code and pull-request security enforcement layer that every change passes through.
  • Operate and continuously tune the SAST, SCA, secrets-detection, and SBOM pipeline.
  • Design and harden deterministic security gates for AI-authored and human-authored code.
  • Review human-authored and agent-authored pull requests and contribute AI-generated patch proposals.
  • Own the security approach for AI-assisted development tools and workflows, including agentic systems and MCP integrations.
  • Author and roll out AI-assisted development security policy covering prompt injection, scope governance, credential handling, and audit attribution.
  • Threat model new AI features, agent gateways, MCP connector architecture, and AI workflows in the research platform.
  • Scale threat modeling and embed security acceptance criteria and verification hooks into the product design process.
  • Partner with engineering and product security teams to build practical security training and developer enablement programs.
  • Drive fast resolution of critical findings, support testing and posture programs, and lead response for application-layer incidents and integration compromises.

Requirements

  • 6+ years of engineering experience, including 4+ years in a dedicated AI Application Security or Product Security role at a SaaS or cloud-native company.
  • Hands-on, recent development experience; ability to write code and read pull requests fluently in at least two of Python, TypeScript/JavaScript, Java/Kotlin, or Go.
  • Comfort working with Terraform, Helm, and Kubernetes manifests.
  • Direct experience building, integrating, or operating agentic AI and MCP systems in production or governed engineering workflows.
  • Production operation of a SAST/SCA pipeline at scale using tools such as Snyk, Semgrep, GitHub Advanced Security, Checkmarx, Veracode, or equivalent.
  • Demonstrated ownership of a threat modeling or developer security training program.
  • Ability to think in layered, defense-in-depth security models across code, contract, behavior, simulation, and data.
  • Strong written communication skills for policy, guidance, runbooks, and PR feedback.
  • Open-source contributions to security tools, MCP servers/frameworks, agent harnesses, or threat modeling tools are preferred.
  • Experience shipping deterministic compliance gates accepted by external auditors is preferred.
  • API security and DAST experience, plus modern container/Kubernetes security, is preferred.
  • AWS security depth and exposure to AI/ML production environments are preferred.
  • Experience supporting customer-facing security posture dashboards or DDQ responses, ideally in a regulated industry, is preferred.
  • Public writing or speaking on developer security, AI/agent security, or AppSec automation is preferred.
  • Pre-IPO experience or familiarity with SOC 2 Type II, ISO 27001:2022, ISO 42001, SOX, or GDPR is preferred.
  • Certifications such as OSWE, OSCP, CSSLP, AWS Security Specialty, or CISSP are preferred.

Benefits

  • Base salary range of $157,000 to $216,000 USD.
  • Performance-based bonus eligibility.
  • Equity compensation.
  • Generous benefits program.
  • Remote-first work environment.
  • High autonomy in a senior individual contributor role.
  • Clear path to Staff / Tech Lead as the team grows.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Senior Manager, Engineering

Sumo Logic 251-1K Internet Software & Services

Sumo Logic is hiring a Senior Manager, Engineering for Application Security to lead global programs that improve product security, reliability, and operational efficiency across its cloud platform.

Agile AWS C++ Docker GCP Java Kafka Kubernetes OWASP Ruby Scala SIEM
18 hours, 11 minutes ago

Security Engineering - Apps and Cloud Security

CallTek 51-250 Internet Software & Services

A security engineer at the company will own cloud and application security initiatives across CSPM, CIEM, CWPP, and AppSec platforms, with a focus on securing multi-cloud environments and enabling DevSecOps.

AWS DevSecOps GCP
18 hours, 12 minutes ago

Senior Configuration Engineer, Product AppSec

Veeam Software 1K-5K Internet Software & Services

Veeam is hiring a Senior Configuration Engineer to lead enterprise release management and delivery automation across cloud-native, SaaS, and AI product environments.

Ansible Azure Bash CI/CD DevSecOps Docker GitOps Jenkins Kubernetes PowerShell Python Secrets Management Terraform
6 days, 17 hours ago

Senior Cyber-Security Operations Analyst, Product AppSec

Veeam Software 1K-5K Internet Software & Services

Veeam is hiring a Senior Cyber Security Operations Analyst to help design and scale secure Azure-based development and QA environments while improving CI/CD delivery and integrating security across the software lifecycle.

Ansible AWS Azure Bash CI/CD DevSecOps Docker GCP Git GitHub Actions Jenkins Kubernetes PowerShell Python Secrets Management Terraform
6 days, 17 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers