AlphaSense is looking for a Staff Product Security engineer to lead the design and implementation of secure, scalable, and trustworthy products spanning AI, data, and cloud-native systems. You will work closely with engineering, data science, and infrastructure teams to embed security by design throughout the product lifecycle.
What You'll Do
- Embed robust security practices throughout the software and AI development lifecycle.
- Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services.
- Partner with engineering and product teams to ensure security, privacy, and compliance by design.
- Build and maintain security automation and governance frameworks integrated into development workflows.
- Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments.
- Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft.
- Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act.
- Implement model provenance, integrity, and auditability controls for responsible AI operations.
- Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management.
- Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction.
- Build internal frameworks for continuous assurance and real-time vulnerability management.
- Define and maintain reference security architectures for microservices, APIs, and AI-powered systems deployed in the cloud.
- Mentor teams on secure coding, containerization best practices, and AI risk management.
- Promote a security-first culture through advocacy, documentation, and training.
- Represent product security in cross-functional initiatives and leadership discussions.
What We're Looking For
- 7+ years of experience in product, application, or cloud security engineering.
- Deep understanding of secure SDLC, threat modeling, and secure architecture design.
- Proven expertise with AWS cloud security concepts and best practices.
- Strong experience with container security, orchestration, and runtime protection.
- Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling.
- Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure.
- Familiarity with DevSecOps and continuous integration/deployment environments.
Nice to Have
- Experience with GCP or Azure cloud platforms.
- Knowledge of AI and LLM security.
- Experience with software supply chain security and artifact integrity verification.
- Familiarity with compliance and governance frameworks (SOC 2, ISO 27001, NIST 800-53, NIST AI RMF).
- Certifications such as CKS, CISSP, CSSLP, or AI/ML-focused security credentials.
Technical Stack
- AWS
- Python, Java, JavaScript
- AI/ML
- Container security
Team & Environment
You will work closely with engineering, data science, and infrastructure teams.
Benefits & Compensation
- Work on significant security challenges in a fast-growing company.
- Opportunity to shape and drive product security strategy.
- Collaborative and security-minded engineering culture.
- Competitive compensation, benefits, and career growth opportunities.
- Performance-based bonus, equity, and a generous benefits program.
- Compensation: $184,000 - $252,000 USD
Work Mode
This is a remote position open to candidates within the USA.
AlphaSense is an equal-opportunity employer committed to a work environment that supports, inspires, and respects all individuals and does not discriminate on the basis of race, color, sex, national origin, age, religion, marital status, sexual orientation, gender identity, gender expression, military or veteran status, disability, or any other non-merit factor.
