Mobile Security Technician
Permanent - Full TimeJob Overview
Location: Nairobi, Kenya
About The Role
We are looking for a Mobile Security Technician to join our Cyber Security Team, which provides intelligence on hacking of Sun King devices to strengthen and expand the digital and financial inclusion of our customers.
As an ethical hacker, your principal mission will be to identify security loopholes in various vendor smartphones and advise on security considerations. You will test Sun King devices for security flaws, particularly mobile phones, conduct hardware vulnerability reviews of smartphones, IoT and automotive devices, develop custom Proof-of-Concept code, and carry out internal penetration testing across products.
About The Role
We are looking for a Mobile Security Technician to join our Cyber Security Team, which provides intelligence on hacking of Sun King devices to strengthen and expand the digital and financial inclusion of our customers.
As an ethical hacker, your principal mission will be to identify security loopholes in various vendor smartphones and advise on security considerations. You will test Sun King devices for security flaws, particularly mobile phones, conduct hardware vulnerability reviews of smartphones, IoT and automotive devices, develop custom Proof-of-Concept code, and carry out internal penetration testing across products.
What you will be expected to do:
- Conduct offensive security assessments of hardware, firmware, embedded operating systems, and payment stacks on Sun King mobile devices.
- Reverse engineer firmware and perform static and dynamic reviews to uncover security weaknesses.
- Detect and exploit vulnerabilities in embedded systems, bootloaders, MDMs, Android kernel components, secure boot implementations, and cryptographic mechanisms.
- Develop and execute proof-of-concept attacks to demonstrate exploitability and business impact.
- Work with product, hardware, and software engineering teams to define secure development practices and strengthen product resilience.
- Contribute to threat modeling and architecture reviews for new products and features.
- Keep current with emerging vulnerabilities, tools, and offensive research relevant to smartphone financing ecosystems.
You might be a strong candidate if you have:
- Solid knowledge of Android security, Mobile Device Management, IoT device architectures, and hardware security testing.
- Strong familiarity with hardware exploitation techniques (e.g., JTAG/SWD/UART debugging, side-channel techniques, fault injection).
- Hands-on experience with Flash 64, Pandora, Easy JTag, Chimera, CM2, and similar tools.
- Proficiency in reverse engineering tools such as Ghidra, IDA Pro, Binary Ninja, and debugging tools like JTAGulator, OpenOCD, or Bus Pirate.
- Experience reviewing and modifying firmware images (binwalk, Firmadyne, QEMU).
- Familiarity with secure boot, TPM/TEE, flash encryption, and other embedded security technologies.
- Programming and scripting capability in Python, C/C++, Bash, or similar languages.
- Knowledge of common vulnerability classes (e.g., memory corruption, design flaws, insecure update mechanisms).
- Exposure to payment/fintech device security and secure device provisioning environments.