Product Security Engineer- Mobile

What you would be expected to do:

• Perform offensive security assessments of hardware, firmware, embedded OS, and payment stacks on Sun King mobile devices.
• Reverse engineer firmware and perform static and dynamic analysis to identify security flaws.
• Identify and exploit vulnerabilities in embedded systems, bootloaders, MDMs, Android kernel, secure boot implementations, and cryptographic mechanisms.
• Build and execute proof-of-concept attacks to demonstrate real-world exploitability and business impact.
• Collaborate with product, hardware, and software engineering teams to define secure development practices and improve product resilience.
• Participate in threat modelling and architecture reviews of new products and features.
• Stay up to date with emerging vulnerabilities, tools, and offensive research relevant to smart phones financing ecosystems.

You might be a strong candidate if you:

• Have fundamental knowledge of Android security, Mobile Device Management, IoT device architectures, and hardware security testing/hacking.
• Possess knowledge of hardware hacking techniques (e.g., JTAG/SWD/UART debugging, side-channel evaluation, fault injection).
• Demonstrate hands on experience with Flash 64, Pandora, Easy JTag, Chimera, CM2 etc
• Are proficient in reverse engineering tools such as Ghidra, IDA Pro, Binary Ninja, and debugging tools like JTAGulator, OpenOCD, or Bus Pirate.
• Demonstrate familiarity with secure boot, TPM/TEE, flash encryption, and other embedded security technologies.
• Show programming and scripting proficiency in Python, C/C++, Bash, or similar languages.
• Are experienced in evaluating and modifying firmware images (binwalk, Firmadyne, QEMU).
• Have solid comprehension of common vulnerabilities (e.g., memory corruption, design flaws, insecure update mechanisms).
• Are exposed to payment/fintech device security and secure device provisioning environment.