A growing FinTech company is looking for a talented Cyber Security Engineer (Mobile) to work in their Security Team. You will be reporting to the CISO and work with senior management directly.
- Although cybersecurity is everyone’s responsibility, the security team is primarily responsible for solving some of the most challenging and exciting problems to mitigate cyber threats that are common organization-wide and industry-wide.
- As the digital world moves exponentially, the company is constantly aligning its cybersecurity strategy, especially in today’s dynamic environment.
- Plan and implement solutions to business challenges, working directly with other engineers and product management on mobile security
- Develop features, maintain and improve existing SDK/applications to support products
- Create security tooling and automation to make teams more efficient
- Participate in all phases of the Software Development Life Cycle, implementing features and addressing issues
- Enjoy a wide scope of responsibility and lots of flexibility in selecting the appropriate technical solutions to business challenges and opportunities
- Own and lead mobile app security strategy.
- Partner with product owners, developers, QA, and architecture in ensuring that security is embedded throughout the SDLC.
- Provides guidance to staff on insights in changing security standards
- Develop strategies to assess 3rd party libraries for mobile
- Perform dynamic and static scans for all mobile products
- An active advocate of mobile development platforms (iOS and Android Native) through both internal and external developer communities
- Remain an active learner in all technologies related to iOS, Android development (Java, Kotlin, Swift, swift migrations, iOS SDK, Xcode, 3rd party libraries, iOS developments, etc.)
A successful Fintech Company, provides a payment platform that lets online merchants accept payments in real-time from consumers without credit cards.
9:00 - 18:00 (Mon - Fri) (Optional Work-From-Home）
Saturday, Sunday, and National Holidays, Year-end and New Year Holidays, Paid Holidays, Special leave, etc.
【Services / Benefits】
Social insurance, Transportation Fee, No Smoking Indoors (Designated Smoking Area) etc.
- Experience with mobile security in finance, ideally in a large multinational environment
- Experience in threat hunting, pen-testing, or threat analysis with a focus on mobile applications
- Experience identifying, investigating, and responding to complex attacks on mobile and API technologies
- Strong understanding of threat landscape in terms of the tools, tactics, and techniques of threats employing both commodity and custom malware
- Extensive experience with attack emulation tools
- Experience in developing attack Tactics, Techniques and Procedures (TTPs) using the MITRE ATT&CK Framework construct
- Solid understanding of cybersecurity training needs and operations (tools, processes and techniques in cyber)
- Familiar with Atlassian products, Git, and CI/CD pipelines
- Required Certifications: GIAC Mobile Device Security Analyst (GMOB) (or ability to acquire within probation period)
- Desired certifications: OSCP, or CISSP, or CCSP, or AWS Certified Security