Senior Engineering Manager, Product Security

Summary

Join AlphaSense as a Sr. Product Security Engineering Manager and lead our product security function. This role blends strategic security initiatives with hands-on contributions to secure our software development lifecycle (SDLC). You will collaborate with engineering, DevOps, and compliance teams, mentoring a team of security engineers. The position requires strong technical expertise and leadership skills to define and implement a scalable security strategy. You will conduct architecture reviews, threat modeling, and code reviews, while also investigating and remediating security vulnerabilities. Success in this role demands experience in security engineering, leadership, and secure software development.

Requirements

• 8+ years of experience in security engineering, with at least 3+ years in a leadership role
• Strong hands-on experience with secure software development, threat modeling, and security architecture reviews
• Proficiency in one or more programming languages (e.g., Python, Java, JavaScript)
• Experience with application security testing tools (SAST, DAST, SCA) and DevSecOps automation
• Knowledge of cloud security best practices (AWS, Azure, or GCP)
• Strong understanding of OWASP Top 10, secure coding practices, and common attack vectors
• Experience integrating security into CI/CD pipelines and DevOps workflows

Responsibilities

• Lead and grow the product security team, setting technical direction and priorities
• Define and implement a scalable security strategy for our products, ensuring security is integrated across the SDLC
• Collaborate with engineering and product teams to drive security-by-design principles
• Advocate for security best practices across the organization
• Conduct architecture reviews, threat modeling, and code reviews to identify security risks
• Implement and enhance security tooling, including SAST, DAST, and SCA solutions
• Develop secure coding guidelines and train engineers on secure development practices
• Automate security controls and integrate security testing into CI/CD pipelines
• Investigate and remediate security vulnerabilities in applications and cloud infrastructure
• Partner with incident response teams to analyze and mitigate security incidents affecting products
• Work with compliance teams to ensure adherence to frameworks such as ISO 27001, SOC 2, and GDPR
• Monitor and assess emerging security threats, adapting security programs accordingly

Preferred Qualifications

• Experience leading security teams in a SaaS environment
• Contributions to security communities, open-source projects, or security research
• Relevant security certifications (e.g., CISSP, OSCP, CSSLP, AWS Security)