Note: The job is a remote job and is open to candidates in USA. AlphaSense is a leading company in AI-driven market intelligence, and they are seeking a Staff Product Security Engineer to enhance the security of their products. In this role, you will lead the design and implementation of secure systems and collaborate with various teams to ensure security is integrated throughout the product lifecycle.
Responsibilities
- Embed robust security practices throughout the software and AI development lifecycle (SDLC)
- Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services
- Partner with engineering and product teams to ensure security, privacy, and compliance by design
- Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows
- Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments
- Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft
- Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act
- Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations
- Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management
- Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction
- Build internal frameworks for continuous assurance and real-time vulnerability management
- Define and maintain reference security architectures for microservices, APIs, and AI-powered systems deployed in the cloud
- Mentor teams on secure coding, containerization best practices, and AI risk management
- Promote a security-first culture through advocacy, documentation, and training
- Represent product security in cross-functional initiatives and leadership discussions
Skills
- 7+ years of experience in product or application security engineering
- Deep understanding of secure SDLC, threat modeling, and secure architecture design
- Proven expertise with AWS cloud security concepts and best practices
- Strong experience with container security, orchestration, and runtime protection
- Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling
- Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure
- Familiarity with DevSecOps and continuous integration/deployment environments
- Familiarity with encryption fundamentals, including symmetric and asymmetric cryptography, TLS/mTLS, key management, and secrets handling best practices
- Demonstrated ability to drive cross-functional security initiatives, partnering with engineering, product, and legal teams to embed security requirements into roadmaps, influence architectural decisions, and align stakeholders across organizational boundaries
- Experience with GCP or Azure cloud platforms
- Knowledge of AI and LLM security
- Experience with software supply chain security and artifact integrity verification
- Familiarity with compliance and governance frameworks (SOC 2, ISO 27001, NIST 800-53, NIST AI RMF)
- Understanding of authentication and authorization patterns in modern applications, including OAuth 2.0, OIDC, SAML, RBAC, and ABAC
- Certifications such as CKS (Certified Kubernetes Security Specialist), CISSP, CSSLP, or AI/ML-focused security credentials
Benefits
- You may also be offered a performance-based bonus, equity, and a generous benefits program.
- Competitive compensation, benefits, and career growth opportunities.
Company Overview
Company H1B Sponsorship