استخدام Senior Mobile Application Security Engineer
این آگهی منقضی
شده است
دستهبندی شغلی
وب، برنامهنویسی و نرمافزار
موقعیت مکانی
تهران
، تهران
نوع همکاری
تمام وقت
حداقل سابقه کار
کمتر از سه سال
حقوق
توافقی
شرح موقعیت شغلی
Alibaba is looking for a senior mobile application security engineer to help us improve and expand our rapidly-growing products. As a senior mobile application security engineer (iOS/Android), you are responsible for the design and conducting of mobile application security robustness tests, you should be a senior offensive security expert, specialized in mobile application security field, including vulnerability assessment, penetration testing, reverse engineering, forensic, and hardening.
You
Spend most of the time to design and develop security tests, tools, methods, and solutions regarding to apply on mobile application security testing cases.
Perfectly know data confidentiality levels and perfectly apply the principles of confidentially and privacy protection to prevent inadvertently information disclosure.
Are literally punctual, purely receptive teammate, reliable and responsible, and extremely flexible and compatible.
Responsibilities:
Optimizing mobile application security testing methodologies
Conducting manual penetration testing on products, features and third-party SDKs in the mobile platform
Work with mobile application teams to create application threat models and build secure applications and advocate standard and methodologies
Providing an appropriate mobile application security guidance for developers in the field of mobile application security
Teaching and sharing the knowledge with teammates
Requirements:
An undergraduate academic degree in software engineering or IT.
At least 4 years of experience in mobile application security testing.
Deep knowledge about vulnerability assessment and penetration testing.
Extensive experience in applying mobile application security best practices, testing guides and methodologies like OWASP Mobile Top 10, MSTG and MASVS.
Comprehensive skills in applying mobile application security testing tools like ADB, Drozer, Frida, MobSF, QARK, Hopper Disassembler, fbidb, cycript, Fridpa, OWASP ZAP, Burp Suite.
Great proficiency in applying automated mobile application testing tools on CI/CD security test integration challenge using Appium, Robotium, Calabash, ImmuniWeb® MobileSuite, Checkmarx for Mobile AST, ...
Deep understanding of the iOS and Android secure coding and development best practices in order to explain it to developers.
Good proficiency in one or more programming and scripting language like C/C++, Objective C, Python, Ruby, Java, JavaScript.
Ability to develop desirable security tools regarding assigned tasks thru programming and scripting.
Certifications like SANS SEC575, eLearnsScurity MASPT, eMAPT may be a plus.
It’s good to have a proficient verbal and written communication skill in English.
معرفی شرکت
شرکت سفرهای علیبابا، یک جمع بزرگ بیش از 800 نفری از افرادی حرفهای و تاثیرگذار است که در جایگاه رهبر بازار گردشگری ایران، با ارائه همه خدمات سفر بهشکل آنلاین، همسفر مسافران میشود. تلاش همه علیباباییها این است که با توانمندسازی جامعه، دسترسی به تجربه شایسته سفر را برای همه ممکن کنند. اینجا هر روز برای ما «روز اول» است و فرصتی برای رشد و یادگیری. در واقع هیچ سقف و محدودیتی برای خودمان قائل نیستیم و علیبابا را یک کوه بدون قله میبینیم.