Mobile Code Hardening Specialist

As a mobile code hardening specialist you will be expected to: • Support the integration of low-level security controls into mobile applications developed within the company • Perform low-level mobile application analysis to verify the appropriate application of security controls • Internally disseminate specialist mobile security knowledge • Contribute to the development and enhancement of internal mobile security controls, techniques and technologies Accountabilities: • Mobile security technology integration support o Provide integration support to development teams for the effective incorporation of multiple low level security technologies (obfuscation and integrity verification etc) into mobile applications o Develop and review mobile security technology implementation configurations for compliance with company standards o Develop and enhance security standards for mobile security technologies o Work with technology-risk focused audiences to recommend suitable application security controls on a per application basis o Provide ad-hoc support to mobile development teams to raise awareness of available security controls, technologies and their suitable usage scenarios • Verification of security controls o Conduct low-level application analysis in order to verify that security controls are applied as intended within production built applications o Conduct low-level analysis of test applications for the evaluation of new security technologies and controls developed by security vendors and internal security development teams • Knowledge sharing o Produce and develop training material for the internal community to disseminate specialise mobile code hardening expertise o Conduct periodic webinar sessions with the internal community to educate on the subject of mobile code hardening and general security • Research and development o Research new and emerging threats, counter controls and technologies affecting mobile platforms o Innovate in collaboration with security focused development teams to implement and enhance proprietary company security technologies Build upon the existing service request model, processes and supporting technologies

• Have superior time management and organizational skills to undertake multiple critical supportive and advisory tasks concurrently • Maintain a wide breadth of mobile development and security skills to a significant degree of depth • Have a superior ability to articulate technical concepts to non-technical business owners and management • Understand the business context/significance of mobile application security controls • Possess an entrepreneurial attitude to excel in loosely defined scenarios Technical Knowledge: • Mobile development experience within multiple platforms ideally including both Android and iOS • Experience of languages inherent to modern, mobile development: Java+JNI, Objective C, Swift etc • Knowledge of mobile specific compilers, build processes, executable file formats and OS/VM execution environments (xcodebuild, Dex, Mach-O, iOS, Android, Dalvik, ART etc) • Familiarity with process of reverse engineering and associated low-level technologies such as assembly (RISC/CISC) and tools (IDA etc). • Familiarity with concept of mobile code hardening i.e. controls and techniques for the goals of anti-tempering, obfuscation and environment monitoring etc