Senior Android Penetration Tester

Job Title : Senior Android Penetration Tester

Location : Remote

Employment Type : Contract

Experience Level : 10+ years (with specialization in Mobile Security)

Looking for Immediate Joiners Only

Role Overview

We are seeking a highly skilled Senior Android Penetration Tester to lead advanced mobile application security testing and vulnerability assessments. The role involves evaluating Android applications, SDKs, APIs, and supporting infrastructure against modern threat models and compliance standards (e.g., OWASP MASVS, PCI DSS, Google Play Store policies). The ideal candidate will bring deep technical expertise, hands-on testing experience, and the ability to provide remediation guidance

Key Responsibilities

Conduct comprehensive penetration tests of Android applications & SDKs

Perform threat modeling and risk assessment to identify attack vectors and potential exploits.

Set up and maintain reproducible test environments (emulators, rooted devices, proxies, instrumentation frameworks).

Perform static, dynamic, and runtime analysis of Android applications (reverse engineering APKs, analyzing AAR / JAR, DEX, smali code, JNI / NDK libraries).

Identify and exploit vulnerabilities such as :

Insecure data storage

Improper authentication / authorization

Broken cryptography

Hardcoded secrets & keys

Insecure inter-app communication

API security weaknesses

Evaluate compliance with OWASP MASVS / MSTG, PCI DSS, and Google Play Store security requirements.

Required Skills & Qualifications

5+ years of professional experience in mobile penetration testing (with at least 3 years focused on Android).

Strong knowledge of Android architecture, SDKs, and internals (Dalvik / ART, IPC, permissions, intents).

Preferred Qualifications

Certifications : OSCP, OSWE, GMOB, GXPN, CEH (Practical), CREST CRT / CCSAS .

Prior experience in secure code review and threat modeling for mobile apps.