• Design, deploy, and optimize bot-mitigation and service-abuse controls, including WAF configurations, rate limiting, behavioral/velocity checks, challenge/attestation frameworks (e.g., Cloudflare Turnstile), device-telemetry validation, and API/form hardening. • Develop and maintain automated detection capabilities leveraging IP/ASN intelligence, identity patterns, traffic analytics, and anomalous behavior models. • Lead bot-related incident response activities, including triage, containment, root-cause analysis, and long-term remediation planning to support platform stability and operational continuity. • Partner closely with Engineering, DevSecOps, Fraud Strategy, Fraud Operations, Data, and Product teams to integrate preventive and detective controls across the customer funnel. • Drive the long-term bot-mitigation roadmap and capability vision in partnership with Engineering, Product, Fraud, Data, and DevOps, ensuring alignment with enterprise risk-reduction, platform resiliency, and operational efficiency goals. • Establish monitoring, reporting, and multi-signal decisioning (signal-fusion) mechanisms to provide visibility into bot activity, control effectiveness, system performance impacts, and operational risk indicators. • Evaluate new tools, technologies, and techniques related to bot detection, behavioral analytics, device attestation, signal fusion, and automated-abuse prevention; develop recommendations based on threat trends, performance considerations, and business requirements. • Produce architectural documentation, detection logic specifications, technical standards, and operational runbooks that support scalable and repeatable defense capabilities. • Guide engineering teams in embedding resilient security patterns into web and API designs and influencing product flows to reduce automated-abuse exposure. • Mentor team members and contribute to the broader security engineering and service-abuse management knowledge base.