Position: Mobility Security Analyst / Consultant
Experience Required: 2–5 Years
About the Role
We are looking for a Mobility Security Analyst/Consultant to strengthen our security team. The role focuses on conducting mobile and web application security assessments, identifying vulnerabilities, and recommending mitigation strategies to enhance overall application security posture.
Roles & Responsibilities
- Conduct security assessments for mobile (Android & iOS) and web applications.
- Perform static and dynamic analysis of mobile applications.
- Test applications against OWASP Top 10 vulnerabilities and other security standards.
- Use industry-standard tools such as Burp Suite, OWASP ZAP, MobSF, along with manual testing techniques.
- Prepare detailed reports on vulnerabilities with actionable remediation guidance.
- Collaborate with developers and security teams to fix vulnerabilities and improve security practices.
- Stay up to date with latest mobile and web security trends, attack vectors, and tools.
Key Skills & Requirements
- Strong understanding of mobile and web application vulnerabilities and exploitation techniques.
- Hands-on experience with security testing tools (Burp Suite, OWASP ZAP, MobSF, adb, Frida, Drozer, etc.).
- Experience with manual penetration testing techniques for business logic and advanced vulnerabilities.
- Familiarity with OWASP Top 10, MASVS, and MSTG frameworks.
- Good understanding of Android/iOS internals and reverse engineering concepts.
- Ability to clearly document findings and communicate with technical/non-technical stakeholders.
Educational Qualification
- B.E./B.Tech in Computer Science, Information Technology, Cybersecurity or equivalent.
- MCA or relevant equivalent qualification.
Certifications (Preferred)
- eJPT, CEH, OSCP, or relevant Mobile Security certifications (e.g., GMOB, OSWE, OSMAP).
Desired Attributes
- Strong problem-solving and analytical skills.
- Detail-oriented with a proactive approach.
- Ability to work in a fast-paced, collaborative environment.
- Passion for application security and continuous learning.