Sr. mobile app security engineer

Company Profile

e Infochips, an Arrow company, is a leading global provider of product engineering and semiconductor design services. With over 500+ products developed and 40 M deployments in 140 countries, e Infochips continues to fuel technological innovations in multiple verticals. The company’s service offerings include digital transformation and connected Io T solutions across various cloud platforms, including AWS and Azure.

Along with Arrow’s $27 B in revenues, 19,000 employees, and 345 locations serving over 80 countries, e Infochips is primed to accelerate connected products innovation for 150,000+ global clients. e Infochips acts as a catalyst to Arrow’s Sensor-to-Sunset initiative and offers complete edge-to-cloud capabilities for its clients through Arrow Connect.

Founded in 1994, our work culture is built over years of experience in providing innovative solutions to our clients and our indomitable spirit to excel in all aspects of our engagement. We believe that our success lies upon the skills and quality of our people we work with.

Services

• Silicon engineering services: ASIC / FPGA Design & Development, Design Verification & Validation, Physical Design & DFT
• Embedded systems engineering services: Hardware Design, System Software, System Verification & Validation, Multimedia
• Software engineering services: Cloud Enablement, Io T & Mobility, Application Software, QA and Test Automation, BI and Data Visualization
• Extended services: New Product Development, Lifecycle Management, Product Sustenance
• IPs: Dev Ops for Io T, Io T Gateway Framework, Io T Device Lifecycle Management, Video Management Software, Reusable Camera Framework, Test Automation Framework, Reference Designs & EVMs, Verification IPs, Opti X – Physical Design Framework

Job Description

Role Overview

Senior mobile application security professional responsible for securing Android and i OS applications across the full development lifecycle, working closely with mobile, backend, and product teams to identify, validate, and reduce security risks, with a strong focus on practical security testing, SSDLC integration, and API security.

Key Responsibilities

• Perform end-to-end security testing of Android and i OS mobile applications
• Execute static, dynamic, and runtime security testing of mobile apps
• Conduct API security testing supporting mobile applications and backend services
• Assess authentication, authorization, session management, and token handling
• Validate mobile-to-backend communication security including TLS and certificate handling
• Identify business logic flaws and abuse scenarios across mobile and API workflows
• Participate in SSDLC activities including threat modeling, secure design reviews, and security requirement definition
• Review mobile application architecture and data flows from a security perspective
• Provide clear, actionable remediation guidance and support fix validation
• Align security findings with applicable security standards, frameworks, and compliance expectations
• Support customer, audit, or certification-driven security assessments when required

Technical Skills

• Strong hands-on experience in Android and i OS application security testing
• Solid understanding of mobile application architecture and platform-specific security risks
• Practical experience with mobile reverse engineering and runtime analysis
• Strong API security testing skills aligned with OWASP API Security Top 10
• Working knowledge of OWASP Mobile Top 10, MASVS, and MASTG
• Understanding of Secure Software Development Lifecycle and secure coding practices
• Familiarity with NIST Secure SDLC principles and ISO/IEC 27001 application security controls
• Exposure to product security standards such as IEC 62443 is a plus
• Experience using industry-standard mobile and API security testing tools
• Ability to clearly document findings, risk impact, and remediation guidance

Location

Ahmedabad, Pune

Application

Interested Candidates can share your resume on