Job Title: Senior Mobile Security Architect
Location: San Jose, CA / Remote
Duration: Long Term
Description:
The Product Security Team ensures security by design product engineering and architecture for products. In this role as Senior Mobile Security Architect, you will conduct security assessments for products and solutions developed by the Consumer Group. You will collaborate with various cross functional teams and help to create, define, and implement security controls and tooling in conjunction with internal product development and partner teams.
MUST HAVE SKILLS::
Bachelor's degree in Computer Science, Engineering or Mathematics. –
At six or more years of work experience designing & developing iOS and Android based solutions using common standards and frameworks (developing, debugging, testing and deploying). –
A background in software engineering with a deep passion for protecting against and hunting for mobile threats –
Experienced with all phases of Mobile app development from prototyping to publishing to the App Store or Google Play using native IDE (Xcode, Android Studio) and cross-platform mobile technology (Flutter) - Programming skills in C++/C, Java/Kotlin, Scala, Objective-C /Swift or other languages and the ability to solve complex operational issues –
Excellent knowledge of OWASP Mobile Application Security (MAS), cryptographic Algorithms PKI, authentication protocols, transport layer security, OID, OAuth, SAML, etc. –
Excellent communication (both verbally and in writing), organizational, and experience translating business goals into technical security deliverables
DESIRED SKILLS: -
Experience with Obfuscation techniques, Reverse Engineering and Tamper Resistant software development –
Experience with performing Security Testing and Penetration Testing techniques on Mobile platform –
Experience with Content Security technologies like DRM/Conditional Access
Understanding of Trusted Execution Environment and Secure Boot Process –
Broad technical experience in several security disciplines including endpoint and platform (Unix/Linux/Windows, mobile) controls, encryption/tokenization, identity and access management, data loss prevention/protection, antivirus/antimalware, intrusion detection/protection, logging and monitoring, and security tooling integration in complex environments. - Experience using tools like Nowsecure, IDA, BurpSuite, APKTool, ADB (Android Debug Bridge), Frida Ghidra, Radare, etc.
Even better if have Cloud Security skill sets with: -
Ability to evaluate security postures and provide recommendations for improvement and risk reduction for other platforms like Cloud services, Web and Embedded applications –
Experience with Cloud Security Services and tools in AWS such as IAM, GuardDuty, Macie, S3, CloudTrail, AWS Config, CloudWatch, KMS, compute (i.e., EC2, GCE), storage (volume/object), networking (VPC, IDS/IPS, firewall, reverse proxies, Load Balancers, Security Groups/List, etc.), and AWS Inspector, SDK/CLI.
EDUCATION/CERTIFICATIONS: BS in Computer Science or related field with 6+ years of relevant professional experience Candidates must have mobile development experience.