Search all jobs
Browse jobs › Senior Security Engineer

Senior Security Engineer

Majorleaguebaseball · Remote, USA · Posted Jun 3, 2026

Apply on company site   Track it in JobSkout

As a Senior Security Engineer, Development Security Operations, you will help build the security engineering layer behind MLB’s application delivery and cloud infrastructure. The work spans applications, APIs, cloud platforms, infrastructure-as-code, CI/CD pipelines, and the Agentic SDLC.

You will write automation, integrate security tools, and turn security requirements into controls that engineering teams can use in their normal delivery workflows. The role is focused on reducing preventable security issues, improving how findings are detected and routed, and cutting down repetitive remediation work across revenue-critical applications and fan-facing systems.

Responsibilities

We are looking for a hands-on security engineer who can write code, integrate tools, automate workflows, and turn security requirements into implemented solutions.

The person in this role should be comfortable using AI-assisted workflows to make security review, prioritization, remediation, and operations faster and more reliable, while keeping engineering ownership, approval, and auditability intact.

Application Account Security

Support anti-bot, anti-fraud, account-abuse, and application-abuse prevention through application telemetry integration, automation, and coordination with edge/platform teams

Build and deploy application and API security controls as code, including HAProxy configuration, WAF and bot-management rules, rate limits, routing controls, and related edge/platform security policy through version-controlled IaC and CI/CD workflows

CI/CD Security Software Supply Chain

Collaborate with development and infrastructure teams to integrate security into CI/CD pipelines

Build and improve security controls across CI/CD pipelines, source code platforms, artifact repositories, and deployment workflows

Integrate security testing such as code scanning, secrets scanning, dependency scanning, container scanning, and infrastructure-as-code scanning into developer workflows

Help define findings severity levels, ownership, exception handling, and remediation routing models

Partner with engineering and security teams to reduce remediation noise and improve secure delivery practices

Infrastructure and Cloud Platform Security Guardrails

Build policy-as-code and security guardrails for cloud, infrastructure-as-code, Kubernetes, and platform delivery workflows

Help prevent common risks such as public exposure, overly permissive access, weak logging, insecure storage, missing encryption, and unsafe secrets handling

Create reusable security patterns, remediation guidance, and developer-friendly feedback for infrastructure and platform teams

Partner with cloud and platform teams to improve baseline security across prioritized environments

AI-Assisted Security Engineering and Innovation

Identify practical opportunities to use AI-assisted workflows across security review, remediation, prioritization, and operational analysis

Evaluate and integrate AI-enabled development and security tools where they improve quality, speed, or consistency

Build governed AI-assisted workflows that preserve human approval, auditability, secure data handling, and engineering ownership

Help define responsible AI usage patterns for DevSecOps and security engineering workflows

Collaboration and Operational Support

Partner with Product, Development, Cloud Platform, and Security teams to embed security earlier in engineering workflows

Drive adoption of secure engineering practices through practical guidance, reusable patterns, and developer-friendly tooling

Support threat modeling and security reviews, and provide practical guidance for prioritized applications and platforms

Participate in an on-call rotation to respond to escalated security issues and high-risk operational events

Qualifications Skills

Bachelor’s or Master’s degree in Computer Science, Software Engineering, Cybersecurity, or equivalent practical experience

4+ years of experience in DevSecOps, software engineering, security engineering, cloud security, infrastructure security, or a related role

Proficiency in one or more programming languages such as Java, Go, Python, or similar, with experience building automation, integrations, or production tooling

Experience with REST and/or GraphQL APIs, including testing, debugging, and building integrations

Hands-on experience with DevOps and infrastructure automation tools including Kubernetes, Terraform, GitHub Actions, or similar platforms

Experience integrating security controls into development, CI/CD, infrastructure, or cloud workflows

Experience with cloud security concepts and controls, with Google Cloud Platform (GCP) as the primary cloud environment. Familiarity with AWS, OCI, Azure, or multi-cloud security patterns is preferred

Ability to execute tasks with high accuracy and thoroughness and maintain confidentiality when dealing with sensitive information

Strong written and verbal communications skills. Ability to …

Apply on company site