Senior Android Penetration Tester

Job Title: Senior Android Penetration Tester

Location: Remote

Employment Type: Contract

Experience Level: 10+ years (with specialization in Mobile Security)

Looking for Immediate Joiners Only

Role Overview

We are seeking a highly skilled Senior Android Penetration Tester to lead advanced mobile application security testing and vulnerability assessments. The role involves evaluating Android applications, SDKs, APIs, and supporting infrastructure against modern threat models and compliance standards (e.g., OWASP MASVS, PCI DSS, Google Play Store policies). The ideal candidate will bring deep technical expertise, hands-on testing experience, and the ability to provide remediation guidance

Key Responsibilities

• Conduct comprehensive penetration tests of Android applications & SDKs

• Perform threat modeling and risk assessment to identify attack vectors and potential exploits.

• Set up and maintain reproducible test environments (emulators, rooted devices, proxies, instrumentation frameworks).

• Perform static, dynamic, and runtime analysis of Android applications (reverse engineering APKs, analyzing AAR/JAR, DEX, smali code, JNI/NDK libraries).

• Identify and exploit vulnerabilities such as:

• Insecure data storage

• Improper authentication/authorization

• Broken cryptography

• Hardcoded secrets & keys

• Insecure inter-app communication

• API security weaknesses

• Evaluate compliance with OWASP MASVS/MSTG, PCI DSS, and Google Play Store security requirements.

Required Skills & Qualifications

• 5+ years of professional experience in

  mobile penetration testing

  (with at least 3 years focused on Android).
• Strong knowledge of

  Android architecture, SDKs, and internals

  (Dalvik/ART, IPC, permissions, intents).

Preferred Qualifications

• Certifications:

  OSCP, OSWE, GMOB, GXPN, CEH (Practical), CREST CRT/CCSAS

  .
• Prior experience in

  secure code review and threat modeling

  for mobile apps.