Have Skills:
· 2+Years of mobile application security testing experience
· 2 Years of Android and iOS Security Testing Methodologies and Tools (NowSecure, MobSF, Frida, Burp Suite, Drozer, Ghidra, and similar for security assessments)
· 3+ Years of Mobile App Architecture, API Security, and Secure Coding practices
Description:
· We are looking for a skilled Mobile Application Security Tester (MAST) to assess and enhance the security of mobile applications (Android & iOS).
· The ideal candidate will have hands-on experience with dynamic, static, and behavioural analysis of mobile apps and will be responsible for identifying and mitigating security vulnerabilities.
Responsibilities:
· Conduct Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) on mobile applications.
· Perform reverse engineering, penetration testing, and runtime analysis to identify security flaws.
· Analyze mobile app permissions, API security, and cryptographic implementations to detect vulnerabilities.
· Use tools like NowSecure, MobSF, Frida, Burp Suite, Drozer, Ghidra, and similar for security assessments.
· Test Android and iOS applications for OWASP Mobile Top 10 vulnerabilities.
· Review network traffic, data storage, and authentication mechanisms for potential risks.
· Work with development and DevSecOps teams to integrate security best practices in CI/CD pipelines.
· Document findings and provide detailed remediation guidance to developers and stakeholders.
· Stay updated with emerging mobile security threats, vulnerabilities, and industry trends.
Required Skills:
· Bachelors or Master’s degree in Computer Science, Cybersecurity, or related field.
· 2 years of experience in mobile application security testing.
· Hands-on experience with Android and iOS security testing methodologies and tools.
· Knowledge of mobile app architecture, API security, and secure coding practices.
· Strong understanding of encryption, obfuscation, and code signing techniques.
· Experience with Jailbreak/Root detection bypass techniques.
· Familiarity with MITM attacks, SSL pinning bypass, and mobile forensics.
· Work with client to communicate and explain the findings and support in remediation.
· Certifications like OSCP, eMAPT, GMOB, or similar are a plus.
· Hands-on experience with Android and iOS security testing methodologies and tools.
· Knowledge of mobile app architecture, API security, and secure coding practices.
· Strong understanding of encryption, obfuscation, and code signing techniques.
· Work with client to communicate and explain the findings and support in remediation.
· Certifications like OSCP, eMAPT, GMOB, or similar are a plus.
Equal Opportunity Employer
We are an equal opportunity employer. All aspects of employment including the decision to hire, promote, discipline, or discharge, will be based on merit, competence, performance, and business needs. We do not discriminate on the basis of race, color, religion, marital status, age, national origin, ancestry, physical or mental disability, medical condition, pregnancy, genetic information, gender, sexual orientation, gender identity or expression, national origin, citizenship/ immigration status, veteran status, or any other status protected under federal, state, or local law.