Skip to main content

Director, Application and Data Security at MLS League Office

Director, Application and Data Security
MLS League Office
On-site
New York, NY
Full-time
Salary not listed
Posted 28 May 2026
AnalyticsDirector
Apply Now
Share this job:

Job Description

Overview

Major League Soccer is seeking a highly technical and hands-on Director, Applications and Data Security to support the security of the League’s digital products, enterprise applications, APIs, cloud services, data platforms, AI-enabled capabilities, and third-party technology integrations.

This role is responsible for helping ensure MLS systems are designed, built, integrated, and operated securely. The role will work closely with Digital Product, Engineering, Data, Enterprise Applications, and external partners to provide practical security guidance across application security, cloud security, data security, AI security, threat modeling, vulnerability management, and secure software development practices.

The ideal candidate is hands-on, technically credible, collaborative, and comfortable operating across both strategic and technical work. This person should be able to translate security risk into clear, actionable guidance that supports innovation, fan engagement, operational resilience, responsible use of League data, and the secure adoption of emerging technologies.

Responsibilities

  • Serve as the primary security partner for MLS digital product, application, engineering, data, and enterprise technology teams.
  • Lead hands-on security reviews of applications, websites, APIs, cloud services, data platforms, third-party integrations, SaaS platforms, internally developed products, and AI-enabled solutions where applicable.
  • Perform application security testing using manual review and automated tools, including SAST, DAST, IAST, software composition analysis, container scanning, secrets detection, and related security tooling.
  • Conduct threat modeling for new and existing products, applications, APIs, data workflows, integrations, cloud-native services, sensitive data environments, and emerging technology use cases.
  • Review application architecture, authentication, authorization, session management, data flows, logging, encryption, input validation, API design, and secure configuration patterns.
  • Partner with digital product and engineering teams to embed secure-by-design principles, security requirements, and practical controls into the software development lifecycle.
  • Identify, document, prioritize, track, and validate remediation of product, application, cloud, API, data security, and software supply chain findings.
  • Support vulnerability management for applications, APIs, code repositories, containers, open-source dependencies, third-party software components, and vendor-developed solutions.
  • Evaluate and help mitigate security risks across MLS data platforms, data pipelines, analytics environments, data integrations, sensitive data workflows, and approved AI use cases.
  • Define, maintain, and improve security requirements, standards, patterns, checklists, and guidance for application security, product security, data protection, access control, encryption, tokenization, data retention, secure data sharing, and responsible use of AI-enabled technologies.
  • Support secure CI/CD implementation, including security gates, code scanning, dependency checks, container image validation, secrets management, deployment controls, and automation opportunities.
  • Review third-party product integrations, SaaS platforms, APIs, SDKs, technology partnerships, AI-enabled tools, and vendor-developed applications for product, application, and data security risks.
  • Collaborate with third-party risk management, legal, privacy, procurement, incident response, and technology teams to support vendor reviews, security events, impact assessments, containment, and remediation.
  • Communicate technical findings, risk, business impact, remediation options, program metrics, recurring issues, and security posture trends to engineering, business, legal, privacy, and executive stakeholders.
  • Serve as a senior hands-on security advisor for high-priority MLS initiatives involving fan-facing platforms, enterprise applications, cloud services, data systems, AI-enabled capabilities, and third-party integrations.

Qualifications

Education and Experience

  • Bachelor’s degree in Computer Science, Information Security, Engineering, Information Technology, or a related field, or equivalent practical experience.
  • 8+ years of experience in cybersecurity, application security, product security, software engineering, cloud security, data security, or related technical security disciplines.
  • 5+ years of hands-on experience performing application security, product security, secure code review, API security review, threat modeling, or security architecture work.
  • Experience working directly with product managers, software engineers, application owners, data teams, enterprise application teams, and business stakeholders.
  • Experience supporting security in cloud environments such as AWS, Azure, or GCP.

...

More Analytics jobs →

Similar Jobs

View all jobs →