Company Description
Carousell Group is the leading recommerce group in Greater Southeast Asia on a mission to inspire the world to start selling, and to make secondhand the first choice. Founded in August 2012 in Singapore, the Group has a leading presence in eight markets under the brands Carousell, Cho Tot, Laku6, Mudah.my, OneKyat, Ox Street, and Refash, serving tens of millions of monthly active users. Carousell is backed by leading investors including Telenor Group, Rakuten Ventures, Naver, STIC Investments and Sequoia Capital India.As a team of passionate individuals working together to solve meaningful problems, there is so much more for you to discover in a career with Carousell. Our culture is made up of hiring, developing, and promoting people who embody our values of solving problems for our users; having a mission-first mindset; being relentlessly resourceful; caring deeply; and staying humble to constantly improve. Together as an organisation, we make magic happen.
About the Role:
The
Trust Engineering
team safeguards our marketplace by building secure, reliable, and user-friendly systems that protect our users and their transactions. We are looking for a
Senior Android Engineer
to strengthen our authentication and trust experiences across the Carousell Group.You will design and build
secure, scalable, and modular Android systems
that power login, account protection, and fraud prevention. You'll work across multiple domains authentication, KYC, fraud prevention, and platform security to improve user trust while maintaining seamless experiences.This is a hands-on senior role where you'll not only write high-quality code but also
drive technical direction
,
influence architecture
, and
collaborate with platform and backend teams
to shape how we scale security across the organization.
You will:
- Design, build, and maintain secure, reusable Android SDKs and components for authentication, identity, and trust.
- Drive adoption of modern authentication technologies such as passkeys, biometrics, device-bound tokens, Play Integrity API, and trusted device frameworks.
- Collaborate with backend, security, and product partners to design risk-based verification and identity protection systems.
- Champion modular and testable architectures (e.g., MVVM, MVI, Clean Architecture) to improve maintainability and developer experience.
- Leverage GenAI and agentic tools (e.g., coding copilots, AI-assisted testing, refactoring agents) to boost engineering productivity and reduce manual effort.
- Lead end-to-end project delivery, from RFC design and milestone planning to testing and rollout.
- Identify and resolve security, privacy, and performance issues early through proactive analysis and monitoring.
- Design and implement concurrent systems leveraging Kotlin coroutines or the RxJava framework.
- Contribute to platform evolution efforts like Kotlin Multiplatform, shared SDKs, or architecture unification.
- Enhance CI/CD pipelines, crash alerting, and observability to improve release stability.
- Mentor teammates, review designs and code, and foster a culture of security-first engineering excellence.
Qualifications
You have:
- 5+ years of experience developing Android applications in Kotlin and/or Java.
- Proven ability to deliver complex, cross-functional Android projects end-to-end.
- Hands-on experience with authentication and security technologies:
- Biometrics (Fingerprint, Face Unlock)
- Play Integrity API / SafetyNet / Firebase Attestation
- Android Keystore, Encrypted SharedPreferences, secure data storage
- Passkeys, OAuth, JWT, SSL pinning, and network encryption
- Experience building reusable frameworks or annotations that simplify adoption of security best practices.
- Strong grasp of networking, authentication, and secure storage in Android.
- Familiarity with CI/CD systems (Jenkins, GitHub Actions, Gradle pipelines) and monitoring tools (Sentry, Crashlytics).
- Excellent collaboration skills, with experience working closely with backend, platform, and product teams.
- Passion for writing clean, maintainable, and reliable code focused on user trust and security.
Additional Information
Bonus points for:
- Experience in fraud prevention, KYC, or account protection systems.
- Contributions to cross-platform SDKs or KMP libraries.
- Exposure to architecture design or modernization initiatives (e.g., Cubit, Clean Architecture, or platform unification).
- Experience mentoring engineers or driving technical direction for a team.
- Experience with agentic or autonomous development systems e.g., using or contributing to AI-assisted build, test, or deployment frameworks.
By proceeding with your application
,
you are adhering to our PDPA policies. In case you are interested to know more, read about our Candidates Personal Data Privacy Statement.
