Security Engineer

Who We Are

MAS Global Consulting is a U.S.-based software engineering, data, and AI solutions firm known for combining engineering excellence, agility, and purpose. We partner with innovative companies to build secure, scalable, and high-impact technology platforms while fostering a people-first culture where talent can thrive.

At MAS Global, we value ownership, collaboration, and continuous improvement. Our teams work on complex, real-world challenges and play a critical role in shaping secure, modern digital products used at scale.

Who You Are

You are a Product Security Engineer who is passionate about building secure systems from the ground up. You think proactively about risk, enjoy collaborating with product and engineering teams, and believe security should be embedded throughout the entire development lifecycle—not added at the end.

You are comfortable reviewing architecture and code, conducting threat modeling, advising on secure design decisions, and driving security improvements across multiple teams. You enjoy breaking down complex problems, automating where possible, and influencing teams through both technical expertise and clear communication.

Soft Skills You Bring:

• Strong communication

• Problem-solving mindset

• Analytical thinking

• Proactivity

• Attention to detail

• Adaptability

• Ability to work cross-functionally

• Ownership and accountability

What You’ll Do

• Own and evolve the third-party security review process, ensuring vendor implementations meet security standards.

• Analyze and document data flows between internal systems and third parties; identify risks related to data access, fields, and handling, and drive remediation efforts.

• Partner closely with product and engineering teams to ensure security is embedded across the entire product development lifecycle.

• Conduct threat modeling sessions to identify, document, and mitigate product risks.

• Review product architectures to ensure systems are designed and implemented securely.

• Identify opportunities to automate security processes and improve efficiency.

• Assist product teams in creating security-focused test cases to enforce security requirements.

• Advise teams early in the development lifecycle on business and technical security requirements.

• Review and analyze source code to identify vulnerabilities and recommend secure implementations.

• Identify emerging classes of vulnerabilities and proactively design solutions before they become issues.

• Decompose large, cross-team security initiatives into actionable tasks, manage scope, and drive projects to completion.

• Act as a security advocate, representing security practices internally and, when appropriate, externally.

What You Bring

Required Experience

• +8 years of experience in product or application security.

• Hands-on experience with threat modeling, secure architecture reviews, and security design reviews.

• Ability to analyze system data flows and identify security risks.

• Experience reviewing source code to identify vulnerabilities and recommend mitigations.

• Solid understanding of secure software development practices and SDLC integration.

• Ability to collaborate effectively with product, engineering, and platform teams.

Preferred Experience

• Experience with third-party/vendor security reviews.

• Familiarity with common vulnerability classes and mitigation strategies.

• Experience automating security workflows or controls.

• Background working in cross-team, large-scale engineering environments.

• Experience influencing security practices through documentation, guidance, and enablement rather than enforcement alone.