JD:
- Execute vulnerability assessments of internal and external Mobile applications via automated and manual techniques to understand the risk and security posture of the Mobile application
- Research, design, and develop solutions meeting internal and external compliance, security requirements and standards for Site Security & Reliability Engineering
- Drive defense in depth security for the organization to protect critical IT assets and data
- Develop and document security requirements for product teams
- Perform security testing and analysis of native iOS and Android applications (based on React Native) and Mobile Web experiences
- Review application design and architecture from a security standpoint and provide recommendations
- Perform root cause analysis of security vulnerabilities and apply lessons learned
- Provide detailed documentation on security policies and remediation assistance
- Assist developers in remediation by sharing security concepts and security best practices
- Support and drive business unit and enterprise security programs as a Subject Matter Expert
- Assist the Enterprise Bug Bounty program

Required Qualifications
- Ability to write and develop security requirements
- Experience in Mobile App Security Testing and using SAST (Veracode Preferred) / DAST (AppScan Enterprise Preferred) / Pen Testing tools, like BurpSuite
- Ability to explain vulnerabilities in the OWASP Top 10 to relevant stakeholders and discuss ways to remediate them
- Deep understanding of iOS and Android app security principles and security best practices
- Deep understanding of React Native security best practices
- Basic understanding of iOS and Android internals
- Experience working with Swift, Objective C, Java, JavaScript, React Native
- Digital Forensics experience with iOS and Android

Preferred Qualifications
- Master's Degree in Marketing, Computer Science, Information Systems or related field
- At least 3-5 years' experience in information security
- iOS and Android app development background
- At least one of the following security certifications, in order of preference:
  - OSWE (web app focused)
  - OSCP (systems/network focused)
  - CISSP (general security)
  - CEH (general security)
- Certified in one or more public cloud Platforms (AWS or Azure or GCP)
- Development/submission of an app in iOS or Android app stores
- Experience in a large enterprise retail or consumer organization
- Contribution to open source projects

Seniority level
Entry level
Employment type
Full-time
Job function
Information Technology
Industries
Information Technology & Services