Core Responsibilities

Primary responsibility would be to perform Vulnerability Assessment & Penetration Testing as well as Source Code Review of Android Applications and articulate reports of the assessment and present findings to various stakeholders as well as support clients in patching the identified vulnerabilities
Perform Android Application Vulnerability Assessment & Penetration Testing
Review Android Application Source Code for Source Code Review
Write in-house tools, extenders and automated scripts
Create / Enhance methodology and process documents
Present identified security issues to the stakeholders
Contribute to internal Research & Development initiatives

Experience and Qualifications

M.Tech or B.Tech / B.E./BCA in Computer Science or Information Technology
Hands-on experience of security assessment of Android applications.
Good understanding of Java development.
Good Understanding of secure code review of Android applications.
Hands-on experience of security assessment of Web applications/API security.
Experience on working with tools for runtime analysis of Android applications: FRIDA, Xposed Framework, Objection, MobSF, Insepeckage etc.
Knowledge of Linux operating system
Good Knowledge of any one scripting language (Python, Shell Script, JS etc.) for automation of security test cases.
Good understanding of Tool - Burp Suite
Basic understanding of tools like HP Fortify, IBM App Scan, Acunetix etc.
Any two skills from additional skill are mandatory
Team Management
Good understanding of Android development.
Experience on working with native as well as hybrid application development methodology.
Basic understanding of Kotlin.
Good understanding of network security assessment.
Hands-on experience of building Burp extenders.
Security certifications like OSCP, OSCE, CRT, SLAE would be a plus.
Reverse engineering native code using tools such as IDA Pro, Hex-Rays Ollydbg etc.
Security analysis of applications built on hybrid technology such as Xamarin, Apache Cordova, Worklight, Ionic framework etc.