Sr. Mobile App Security Engineer

Company Profile:

eInfochips, an Arrow company, is a leading global provider of product engineering and semiconductor design services. With over 500+ products developed and 40M deployments in 140 countries, eInfochips continues to fuel technological innovations in multiple verticals. The companys service offerings include digital transformation and connected IoT solutions across various cloud platforms, including AWS and Azure.

Along with Arrows $27B in revenues, 19,000 employees, and 345 locations serving over 80 countries, eInfochips is primed to accelerate connected products innovation for 150,000+ global clients. eInfochips acts as a catalyst to Arrows Sensor-to-Sunset initiative and offers complete edge-to-cloud capabilities for its clients through Arrow Connect.

Founded in 1994, our work culture is built over years of experience in providing innovative solutions to our clients and our indomitable spirit to excel in all aspects of our engagement. We believe that our success lies upon the skills and quality of our people we work with.

Silicon engineering services: ASIC / FPGA Design & Development, Design Verification & Validation, Physical Design & DFT

Embedded systems engineering services: Hardware Design, System Software, System Verification & Validation, Multimedia

Software engineering services: Cloud Enablement, IoT & Mobility, Application Software, QA and Test Automation, BI and Data Visualization

Extended services: New Product Development, Lifecycle Management, Product Sustenance

IPs: DevOps for IoT, IoT Gateway Framework, IoT Device Lifecycle Management, Video Management Software, Reusable Camera Framework, Test Automation Framework, Reference Designs & EVMs, Verification IPs, OptiX Physical Design Framework

Role Overview

Senior mobile application security professional responsible for securing Android and iOS applications across the full development lifecycle, working closely with mobile, backend, and product teams to identify, validate, and reduce security risks, with a strong focus on practical security testing, SSDLC integration, and API security.

Perform end-to-end security testing of Android and iOS mobile applications

Execute static, dynamic, and runtime security testing of mobile apps

Conduct API security testing supporting mobile applications and backend services

Assess authentication, authorization, session management, and token handling

Validate mobile-to-backend communication security including TLS and certificate handling

Identify business logic flaws and abuse scenarios across mobile and API workflows

Participate in SSDLC activities including threat modeling, secure design reviews, and security requirement definition

Review mobile application architecture and data flows from a security perspective

Provide clear, actionable remediation guidance and support fix validation

Align security findings with applicable security standards, frameworks, and compliance expectations

Support customer, audit, or certification-driven security assessments when required

Technical Skills

Solid understanding of mobile application architecture and platform-specific security risks

Practical experience with mobile reverse engineering and runtime analysis

Strong API security testing skills aligned with OWASP API Security Top 10

Working knowledge of OWASP Mobile Top 10, MASVS, and MASTG

Understanding of Secure Software Development Lifecycle and secure coding practices

Familiarity with NIST Secure SDLC principles and ISO/IEC 27001 application security controls

Exposure to product security standards such as IEC 62443 is a plus

Experience using industry-standard mobile and API security testing tools

Ability to clearly document findings, risk impact, and remediation guidance

Location

Ahmedabad, Pune

Interested Candidates can share your resume on

[HIDDEN TEXT]