Senior Manager, Defensive Security
Listed on 2025-12-02
IT/Tech
Cybersecurity, Security Manager, Systems Engineer, Network Security
Join to apply for the Senior Manager, Defensive Security role at Major League Baseball (MLB)
As the Senior Manager of Defensive Security, you will be instrumental in Major League Baseball’s effort to embed security into our product design and software delivery lifecycle.
You’ll lead the integration of anti-bot, anti-fraud, API, and application security tooling, and automate security controls across our CI/CD pipelines—ensuring our web and mobile platforms remain resilient and trusted by millions of fans and employees alike.
Your work will defend the league’s digital assets from emerging threats, ensuring every pitch, stream, and stat is delivered securely to fans around the world. You will also define MLB’s next-generation defensive strategy, including security for agentic AI, MCP infrastructure, and autonomous system-to-system interactions.
Responsibilities
Security Engineering & Automation
- Design and implement scalable defensive security controls within CI/CD pipelines, infrastructure-as-code, and cloud-native environments
- Lead integration of anti-bot, anti-fraud, API security, and application security tools across MLB's digital platforms
- Improve our security architecture by partnering with DevOps, SRE, Product & Software Engineering teams to embed security early in the software development lifecycle (Shift Left)
- Oversee detection engineering efforts to improve visibility, reduce dwell time, and create actionable security alerts and response automations
- Partner with the Security Operations and Offensive Security teams to mature incident response playbooks, adversary emulation, and purple team exercises
- Evaluate threats, vulnerabilities, and attack techniques to ensure proactive defense postures (MITRE ATT&CK, D3FEND-aligned)
- Take part in the on-call rotation for high-severity incident escalations, particularly during high-profile events such as major game days, ticket launches, or partner broadcasts
- Lead vulnerability management activities, ensuring timely identification, triage, and remediation of security findings across infrastructure, applications, and APIs
- Collaborate with product, IT, and infrastructure teams to prioritize risk-based remediation efforts and report on exposure trends
- Pilot and integrate agentic AI platforms capable of real-time contextual decision-making (e.g., alert triage, threat hunting, VRM automation) to reduce mean time to respond (MTTR) and analyst fatigue
- Develop and enforce secure design patterns for web, mobile, and API platforms, emphasizing resiliency against modern attack vectors
- Partner with developers and product teams to conduct architectural threat modeling and review high-impact features or deployments
- Champion best practices in authentication, session management, data protection, and secure SDLC
- Define and enforce cloud security architecture standards across AWS, Azure, and GCP, incorporating best practices for workload isolation, IAM, encryption, and control plane monitoring
- Mentor and develop a growing team of defensive security engineers and analysts; foster a high-performance, innovation-focused culture
- Track and report key performance indicators (KPIs) and defensive maturity metrics to security leadership and executive stakeholders
- Serve as a key security stakeholder across Engineering, IT, Product, Legal, and third-party vendors
- Develop and maintain operational security playbooks, peer-review standards, and change-control procedures. Act as the primary Defensive Security stakeholder in security governance, risk assessments, and change-advisory board processes
Qualifications & Skills
- Bachelor’s or Master’s degree in Computer Science, Software Engineering, or Cybersecurity
- 4+ years of experience in Dev(Sec)Ops, software engineering, security engineering or a related role
- Relevant certifications from recognized organizations such as (ISC)², GIAC (SANS), CompTIA, OffSec, ISACA, Security Blue Team, or cloud providers (AWS, Azure, GCP) are a strong plus
- Experience implementing and managing security tooling in one or more areas: WAF, bot mitigation, RASP, EDR, SIEM, CSPM, SAST/DAST, or API security platforms is required
- Proficiency in one or more languages such as Python, Go, or Bash for automating security controls and CI/CD workflows is required. Experience with formal SSDLC frameworks (e.g., OWASP SAMM) is a plus
- Experience securing backend APIs (REST, GraphQL, MCP) developed in languages like Node.js, Java, Python or Go is a plus
- Deep understanding of modern application architectures (cloud-native, microservices, APIs) and their security implications is required
- Solid experience with DevOps platforms and IaC (Kubernetes, Terraform, GitHub Actions, etc.) is a plus
- Capable of independently driving…