To Apply for this Job Click Here

We are seeking a passionate and experienced Application Security Engineer / iOS Mobile Security Specialist to join our team. This role emphasizes designing, developing, and maintaining secure mobile applications, with a strong focus on iOS security (Swift/Objective-C) and cross-platform mobile security for both iOS and Android ecosystems. The successful candidate will lead secure coding initiatives, conduct thorough security assessments, and embed security best practices throughout the Software Development Life Cycle (SDLC). This is a unique opportunity to contribute to critical security measures that protect millions of users globally.

If you are passionate about mobile security, thrive in dynamic environments, and are eager to shape the future of secure digital products, this role is for you!

Key Responsibilities

Secure Code Development (iOS & Android)

Implement and promote secure coding practices in mobile application development.Specialize in Swift/Objective-C for iOS, while addressing Android-specific security considerations (Kotlin/Java).Collaborate with development teams to ensure end-to-end encryption, authentication, and secure data storage are integral to mobile apps.

Security Architecture & Threat Modeling

Help design and implementcomprehensive security architecturesfor iOS and Android apps.Perform threat modeling to identify potential vulnerabilities and develop risk mitigation strategies.Ensure compliance with security standards such as OWASP Mobile Top 10, PCI DSS, NIST 800-53, etc.

Code Reviews & Security Auditing

Conduct manual and automated code reviews to identify security flaws.Participate in security audits and ensure adherence to security policies and industry standards.

Mobile Vulnerability Management

Perform Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) on mobile applications.Manage the vulnerability lifecycle from discovery to remediation and monitoring.Collaborate with DevOps teams to automate vulnerability checks in CI/CD pipelines.

Penetration Testing & Threat Analysis

Conduct penetration tests to identify and exploit vulnerabilities in mobile applications.Stay updated on emerging security threats and implement measures to protect mobile apps.

Secure Data Handling & API Security

Implement secure data storage mechanisms, including local encryption and key management.Ensure secure API integrations to prevent injection attacks and data breaches.

Policy Development & Compliance

Help inform, develop, and enforce security policies, standards, and guidelines for mobile applications.Ensure compliance with App Store/Google Play guidelines, and other regulatory requirements.

Collaboration & Incident Response

Collaborate with cross-functional teams (designers, product managers, QA engineers, operations) to embed security throughout the SDLC.Monitor and respond to mobile security incidents, participating in incident response processes.

Required Qualifications

Bachelor's degree in Computer Science, Information Security, or a related field, or 5+ years in mobile application development.Extensive experience in iOS application development using Swift/Objective-C, ideally also knowledge of Android (Java/Kotlin) security.Proficiency in iOS frameworks (UIKit, Core Data) and Android frameworks.In-depth knowledge of mobile security vulnerabilities (OWASP Mobile Top 10) and remediation techniques.Familiarity with mobile security testing tools (e.g., MobSF, Drozer, Burp Suite, OWASP ZAP).Strong understanding of cryptography principles, secure data storage, and key management.

Preferred Qualifications

Relevant security certifications (CISSP, CSSLP, CEH, GMOB).Experience with mobile reverse engineering tools such as Frida.Knowledge of App Store and Google Play Store compliance requirements.Familiarity with advanced encryption techniques and secure app distribution.

Skills & Competencies

Problem-Solving: Ability to think like an attacker to identify threats and formulate mitigation strategies.Communication: Capable of explaining complex security concepts to technical and non-technical stakeholders.Collaboration: Comfortable working with cross-functional teams to achieve secure solutions.Continuous Learning: Passionate about staying updated on the latest security trends.Attention to Detail: Thorough in code reviews, architecture design, and security audits.

Compensation & Benefits

Our compensation package includes competitive base pay, healthcare, 401(k), flexible PTO, and other perks.

MKE1404355AS_1737992153 To Apply for this Job Click Here