Senior Security Engineer

About The Position

Requirements

• Bachelor's or Master's degree in Computer Science, Software Engineering, Cybersecurity, or equivalent practical experience
• 4+ years of experience in DevSecOps, software engineering, security engineering, cloud security, infrastructure security, or a related role
• Proficiency in one or more programming languages such as Java, Go, Python, or similar, with experience building automation, integrations, or production tooling
• Experience with REST and/or GraphQL APIs, including testing, debugging, and building integrations
• Hands-on experience with DevOps and infrastructure automation tools including Kubernetes, Terraform, GitHub Actions, or similar platforms
• Experience integrating security controls into development, CI/CD, infrastructure, or cloud workflows
• Experience with cloud security concepts and controls, with Google Cloud Platform (GCP) as the primary cloud environment.
• Ability to execute tasks with high accuracy and thoroughness and maintain confidentiality when dealing with sensitive information
• Strong written and verbal communications skills. Ability to explain technical concepts to audiences at different levels

Nice To Haves

• Familiarity with AWS, OCI, Azure, or multi-cloud security patterns is preferred

Responsibilities

• Support anti-bot, anti-fraud, account-abuse, and application-abuse prevention through application telemetry integration, automation, and coordination with edge/platform teams
• Build and deploy application and API security controls as code, including HAProxy configuration, WAF and bot-management rules, rate limits, routing controls, and related edge/platform security policy through version-controlled IaC and CI/CD workflows
• Collaborate with development and infrastructure teams to integrate security into CI/CD pipelines
• Build and improve security controls across CI/CD pipelines, source code platforms, artifact repositories, and deployment workflows
• Integrate security testing such as code scanning, secrets scanning, dependency scanning, container scanning, and infrastructure-as-code scanning into developer workflows
• Help define findings severity levels, ownership, exception handling, and remediation routing models
• Partner with engineering and security teams to reduce remediation noise and improve secure delivery practices
• Build policy-as-code and security guardrails for cloud, infrastructure-as-code, Kubernetes, and platform delivery workflows
• Help prevent common risks such as public exposure, overly permissive access, weak logging, insecure storage, missing encryption, and unsafe secrets handling
• Create reusable security patterns, remediation guidance, and developer-friendly feedback for infrastructure and platform teams
• Partner with cloud and platform teams to improve baseline security across prioritized environments
• Identify practical opportunities to use AI-assisted workflows across security review, remediation, prioritization, and operational analysis
• Evaluate and integrate AI-enabled development and security tools where they improve quality, speed, or consistency
• Build governed AI-assisted workflows that preserve human approval, auditability, secure data handling, and engineering ownership
• Help define responsible AI usage patterns for DevSecOps and security engineering workflows
• Partner with Product, Development, Cloud Platform, and Security teams to embed security earlier in engineering workflows
• Drive adoption of secure engineering practices through practical guidance, reusable patterns, and developer-friendly tooling
• Support threat modeling and security reviews, and provide practical guidance for prioritized applications and platforms
• Participate in an on-call rotation to respond to escalated security issues and high-risk operational events

Benefits

• Competitive Benefits Package
• Company 401K Contribution
• Paid Time Off and Holidays
• Paid Parental Leave
• Access to Free Tickets to Baseball Games & MLB.TV
• Discounts at MLB Store | MLBShop.com
• Employee Assistance Programs (EAP)
• Onsite/Online Training & Development Programs
• Tuition Reimbursement
• Disability Benefits (short term and long term)
• Life and Accidental Death Insurance
• Pet Insurance