Mobile Security Engineer - Remote

October 30

Apply Now

Receive Emails with Similar Jobs

Diabetes Youth Families

WebsiteLinkedInAll Job Openings

11 - 50

Description

• Researching, developing, and improving defensive tactics, techniques, and procedures for detecting and responding to mobile cybersecurity threats for medical device applications. • Performing security evaluations and internal penetration testing of medical device applications for the Android and iOS platforms. • Conduct regular risk assessments of the mobile applications by creating, updating and maintaining threat models and performing code reviews. • Work with engineering and systems teams to ensure secure design, development and validation of our products, configure and deploy new tooling, and improve response capabilities. • Analyze security data and report on threats and incidents across various platforms and environments. • Interact directly with the security community regarding mobile security vulnerabilities and threats. • Perform mobile security training, outreach and reviews for internal development teams. • Ensure products comply with FDA guidance and regulations for cybersecurity.

Requirements

• Excellent understanding and experience in multiple security domains such as application security, mobile security, hardware security, and incident response. • Programming skills in Java, Kotlin, Swift, Python or other languages. • Automation and development experience in Python, Go, Rust, C++, JavaScript, etc. • Strong knowledge of OWASP Mobile Application Security Verification standard (MASVS) • Strong knowledge of OWASP Mobile Application Security Testing Guide (MASTG) • Strong knowledge of MITRE ATT&CK Framework – Mobile Matrices • Strong knowledge of NIST Cybersecurity Framework • Experience with static and dynamic mobile appsec analysis concepts such as penetration testing. • Experience performing threat modeling and risk analysis of mobile applications. • Experience working to secure the development of medical device applications. • Experience working with multiple stakeholders such as engineering/systems teams, internal business units, and external incident response teams throughout the incident lifecycle. • Possess strong English writing and communication skills.