Edge Security Platform Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Take ownership of and manage MLB’s edge security platforms (WAF, bot mitigation, CDN), encompassing configuration, tuning, and lifecycle management.

• Ensure secure and resilient environments through infrastructure-as-code and controlled deployment methodologies.

• Continuously enhance rules, policies, and thresholds to bolster protection and prevent drift.

• Engage in an on-call rotation for high-severity edge security incidents.

• Design and oversee defenses against automated abuse, including credential stuffing, scraping, ticketing bots, and payment fraud.

• Analyze telemetry to uncover threats, false positives, and attacker behaviors.

• Collaborate with fraud and payment teams to bolster early detection and mitigation efforts.

• Optimize security measures to maintain uptime and user experience during peak traffic events.

• Act as a subject matter expert during incidents, ensuring that mitigations align with latency, conversion, and availability goals.

• Create and sustain logging, monitoring, dashboards, and alerting for both edge and application layers.

• Integrate telemetry with SIEM tools to enhance detection, triage, and audit capabilities.

• Monitor and report on key risk and performance indicators.

• Propel automation for detection, response, and change management while ensuring human oversight is maintained.

• Establish robust deployment controls, audit trails, and support compliance initiatives (e.g., PCI, SOC 2).

• Collaborate cross-functionally to advance the edge security strategy, tools, and execution.

⛳️ Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering, or a related discipline, or equivalent practical experience.

• Over 5 years of experience in security, platform, SRE, or infrastructure engineering roles supporting large-scale, internet-facing systems; experience with high-demand consumer platforms such as ticketing, e-commerce, streaming, or live events is highly preferred.

• Practical experience in operating and fine-tuning WAF, bot mitigation, rate limiting, CDN security, and related traffic protection measures in production environments.

• Direct experience with HAProxy Enterprise WAF and bot/security modules, as well as CDN including WAF, bot management, rate controls, and telemetry or log streaming.

• Solid understanding of HTTP/S, TLS, DNS, TCP/IP, reverse proxying, caching, rate limiting, server- and client-side fingerprinting, and edge traffic dynamics.

• Experience in investigating web abuse, fraud signals, or adversarial automation impacting login, checkout, account, or transaction processes.

• Proficiency in Python, Go, Bash, or similar scripting languages, alongside experience with Terraform, Ansible, Git-based workflows, CI/CD pipelines, or other infrastructure-as-code practices.

• Experience with observability, logging, and SIEM integration pertaining to security and operational telemetry.

• Strong troubleshooting capabilities across distributed systems, production incidents, and customer-impacting edge events.

• Excellent written and verbal communication skills, with the ability to collaborate effectively across both technical and non-technical teams.

🏝️ Benefits

• Competitive Benefits Package

• Company 401K Contribution

• Paid Time Off and Holidays

• Paid Parental Leave

• Access to Free Tickets to Baseball Games & MLB.TV

• Discounts at MLB Store | MLBShop.com

• Employee Assistance Programs (EAP)

• Onsite/Online Training & Development Programs

• Tuition Reimbursement

• Disability Benefits (short term and long term)

• Life and Accidental Death Insurance

• Pet Insurance