Product Security Engineer – Mobile App Security

Plano, TX
Contracted
Mid Level
We are seeking a Product Security Engineer someone who will be responsible for end-to-end security testing with a focus on Android/iOS application security. The successful candidate will be a highly technical, passionate, and self-driven individual who loves to learn, solve problems, and contribute to the advancement of the team.

Client (type/ industry): IT Solutions branch of a major Japanese company
  • Working Location: Preferred On-Site (Plano, TX), Hybrid (if necessary)
  • Employment Type: Contract (Contract: 6 months with possible extension)
  • Salary: Up to $69/h
  • Benefit: Full Benefits
  • VISA support: NO/ United States (Required)
  • Language: English



[Job Overview]
Duties/Responsibilities:
  • Mobile Application Security Engineer will be responsible for conducting manual and automated Security testing and requirements verification such as MASVS/CWEs on iOS/Android application
  • Perform security assessment, and penetration testing including but not limited to mobile application binary analysis, source code review, IPC, and SDK analysis
  • Experience analyzing the application sandbox on iOS and Android privilege issues[D(1]
  • Participate in the mobile application development, and facilitate the security requirements development and verification
  • Identify hardcoded secrets, insecure storage, insecure communication, improper permissions, sensitive disclosure, and insecure use and validation of data entering platform features (i.e. DeepLinks, Exported Activities/Content Providers).
  • Identify weak or deprecated algorithms used in 3rd party and internal libraries
  • Produce reports/artifacts, recommendations for remediations, and provide support to strengthen the security posture of Android/iOS applications
  • Familiarity with Mobile Security Testing Guide and ability to leverage the framework and test both iOS and Android applications
  • Participate in various security projects, technical design review, code review, and test specifications
  • Identify the use of deprecated mobile components and methods such as WebViews and vulnerable programmatic deeplink handlers
Requirements:
  • Hands-on experience performing security assessments on OS or application-level of iOS/Android applications
  • Strong understanding of security testing framework for Android/iOS applications (e.g., OWASP, SANS)
  • Advance skills in secure coding best practices in any programming languages such as C/C++, Java, Objective C, Swift, SwiftUI, Kotlin, and Python
  • The successful candidate will be a highly technical, passionate, and self-driven individual who loves to learn, solve problems, grow, and contribute to the advancement of the team
  • Knowledge of Inter Process Communication (IPC) on Mobile Platforms
  • Proficient in writing scripts in various languages such as Bash, and Python
  • Proficient knowledge of APIs, and authentication protocols such as OAuth, SAML, etc.
  • Knowledge of software development lifecycle (SDLC), cloud security, and iOS/Android reverse engineering
  • Hand-On experience on testing tools such as Burp Suite, Frida, dissemblers, debuggers, dynamic instrumentations, and static code analysis
  • Ability to articulate complex technical concepts to a non-technical audience
  • Experience mobile application CI/CD pipeline
  • Generating test reports, and recommending the appropriate course of action, and supporting the mitigation and re-validation efforts
Qualifications:
  • Bachelor’s degree (or higher) in Computer Science, Engineering or related discipline, or equivalent experience
  • Strong background in security engineering, various authentication, and security protocols
  • Strong understanding of Mobile OS security internals
  • Hand-On experience with security testing tools, standards, and best practices
  • Deep experience in mobile security, obfuscation techniques, and reverse engineering
  • Strong knowledge and understanding of X.509, SSL/TLS certificate, and general certificate management process

Benefits:
 
  • Medical health insurance (including dental and vision)
  • Competitive paid time off and company paid holidays
  • Comp time for holidays worked
  • 401k matching program
  • Company profit sharing
  • Merit increases and bonus structure
  • Professional development and education reimbursement
Share

Apply for this position

Required*
We've received your resume. Click here to update it.
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

Human Check*