Mobile Application Penetration Tester

Application deadline date has been passed for this Job.
This job has been Expired
  • Offerd Salary Negotiable
  • Experience 5 Years
  • INDUSTRY Information Technology
  • Qualification Bachelor Degree
Job Description

Job description

Role Objective:

Conduct Mobile Application Security Assessment, identifying vulnerabilities and application weaknesses.

Key Responsibilities:

  • Provide a professional security assessment findings report for each engagement, listing the findings with relevant technical description, severity level and technical recommendations for remediation.
  • Conduct both dynamic and static mobile application testing for both: iOS and Android platform, covering web (client side and server side), File Systems and permission, API testing and code review.
  • Ability to provide proof of concept for each finding and demonstrate its impact for both client and server side.
  • Conduct a briefing to application development team, if needed.
  • Follow Q-CERT Technical Security Assessment procedure.

Desirable Skills and Competencies:

  • Bachelor degree in IT with focus on technical or security domain.
  • Above 5 years of experience in penetration testing with expertise in well-known security tools such as :Nmap, Metaspoilt, Kali Linux, Burp Suite Pro, etc., and other commercial tools.
  • Experience with Security Development Life Cycle (SDLC) and well known security standards and best practices, such as OWASP Top 10.
  • Above 2 years of experience in mobile application penetration testing, code review and reversing
  • Experience with mobile application testing and code review such as : otool, Android SDK, etc.
  • Experience with main programming languages such as: C/C++/ C#/ ObjC, Swift, Java, PHP or.NET as well as scripting languages such as ruby, python, POSIX shell, etc.
  • Strong technical communication skills include technical writing, and verbal communication with other team members.
  • Strong understanding of :

– Web protocols (e.g HTTP, HTTPS and SOAP) and web technologies (e.g HTML, Java, script, XML, AJAX, JSON and REST)

–  Mobile Application Risk such as : Insecure Data Storage, Improper Session Handling, Insufficient Transport Layer projection, etc.


Official penetration testing certificates from trusted organizations such as : Offensive security, SANS Institutes