A private community for global citizens.

Senior Product Security Engineer – iOS Mobile App

Security EngineerSecurity EngineerFull TimeRemoteTeam 51-200H1B SponsorCompany Site LinkedIn

Location

California

Posted

67 days ago

Salary

Not specified

Bachelor Degree8 yrs expEnglishAWSCloudI OSNode.jsObjective CPythonSwift

Job Description

• Lead the security review of iOS application architecture and design, ensuring security is built-in from the ground up. • Conduct security-focused code reviews for the iOS application, and implement/manage static and dynamic application security testing (SAST/DAST) tools. • Oversee the identification, assessment, and remediation of vulnerabilities within the iOS application and its supporting infrastructure. • Perform threat modeling for new features and existing components of the iOS application and its backend services. • Drive the adoption and enforcement of secure development practices within the mobile engineering teams. • Ensure the security of APIs consumed and exposed by the iOS application. • Manage and refine cloud IAM roles and permissions for the mobile app's backend infrastructure to enforce the principle of least privilege and improve our cloud security posture. • Support incident response activities related to the iOS application, including investigation and remediation. • Evaluate, implement, and manage security tools relevant to mobile application security. • Provide guidance and training to mobile developers on secure coding practices. • Report directly to the Head of Information Security on the security posture of the iOS application and related infrastructure.

Job Requirements

8+ years of experience in a security role with a strong focus on application security.
5+ years of experience in a product security engineering role with a strong focus on mobile (iOS) application security.
Extensive experience with secure coding principles, mobile security frameworks, and common mobile vulnerabilities (e.g., OWASP Mobile Top 10).
Strong understanding of iOS platform security features and best practices.
Proficiency in Swift/Objective-C with a minimum of 3 years of Swift experience, and experience with mobile development tools and environments.
Proficiency in NodeJS with a minimum of 3 years of NodeJS experience, and experience with NodeJS backend mobile development tools and environments.
3+ years of experience with cloud security principles and cloud IAM (e.g., AWS IAM, Cloud Connectivity) as it relates to mobile backend infrastructure.
Experience with static and dynamic application security testing (SAST/DAST) tools for mobile applications.
Excellent analytical, problem-solving, and troubleshooting skills.
2+ years of experience in a senior or lead security engineer role.
Strong proficiency of AI coding platforms like Claude Code, Copilot, etc.
Strong leadership and communication skills, with the ability to influence and collaborate across engineering teams.
Ability to prioritize tasks and manage projects effectively in a fast-paced environment.
Experience with scripting and automation (e.g., Python, Bash) for security tasks.
Experience with GitHub Actions.
Experience with DevSecOps and CICD SCA tools.