Mobile Security Engineer II

About The Position

Requirements

• Solid understanding of mobile application security best practices, threat modeling, and risk analysis.
• Proficiency in programming languages commonly used in mobile development, such as Java, Kotlin, Swift, or Objective-C.
• Familiarity with secure coding practices, application security frameworks, and vulnerability management.
• Experience with mobile application penetration testing tools and methodologies.
• Strong problem-solving skills, attention to detail, and ability to think creatively to overcome security challenges.
• Solid communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
• Experience in a highly regulated industry preferred.

Nice To Haves

• Bachelor’s or Master’s degree in Computer Science, Engineering, Mathematics, or a related field or combination of equivalent education and applicable work experience.
• Security certifications such as OSCP, GWAPT, or similar are highly desirable.
• 5+ years of experience in mobile application security, with hands-on experience in both Android and iOS platforms.

Responsibilities

• Conduct security assessments and support penetration testing on Android and iOS mobile applications to identify vulnerabilities and security flaws.
• Partner with development teams to support remediation efforts by helping validate fixes and reinforcing secure coding practices and mitigation strategies.
• Assist with threat modeling and risk analysis for mobile applications, with consideration for regional requirements and user demographics.
• Help document and maintain security requirements for mobile applications in alignment with established industry best practices and regulatory standards.
• Collaborate with product and engineering teams to support the integration of security throughout the mobile application development lifecycle.
• Implement and help maintain security controls to protect sensitive data within mobile applications and support secure communication with backend services.
• Stay informed on emerging security threats, vulnerabilities, and mitigation techniques related to mobile applications and share relevant findings with the team.
• Support security training and awareness efforts for development teams by contributing content and reinforcing security-first behaviors.
• Assist with engagement in bug bounty programs and review security findings from external researchers under guidance from senior team members.
• Document and report security findings with clear, actionable recommendations for review by senior engineers and stakeholders.