mobile application and SDK security

Security Expert – Mobile App & SDK Security

Role Description

We are looking for an experienced Security Expert with a strong focus on mobile application and SDK security for an assignment in Karlskrona. In this role, you will play a key part in ensuring the delivery of a secure, robust product designed for sensitive financial transactions.

You will work closely with developers, architects, and product managers to integrate security throughout the entire development lifecycle. Your expertise in mobile platform security, cryptography, vulnerability assessment, and threat mitigation will be crucial for building trust and safety in end-user solutions.

Responsibilities

• Act as a senior security advisor in mobile application and SDK development
• Define and implement secure coding practices and threat mitigation strategies
• Perform vulnerability assessments, static/dynamic analysis, and threat modeling
• Guide the team on cryptographic standards, secure storage, and secure execution
• Collaborate with stakeholders to ensure compliance with industry security standards (OWASP MASVS/MSTG, NIST, GDPR)
• Provide practical security recommendations and knowledge transfer to developers
  
  

Requirements

Foundational Security Knowledge

• Expertise in asymmetric and symmetric cryptography
• Experience with secure key management, generation, and destruction
• Familiarity with relevant standards (PKCS#11, PKCS#12, FIPS 140-3, NIST SP 800, TLS RFCs)
  
  

Mobile Platform Security

• Deep knowledge of Android and iOS security architectures
• Hands-on experience with secure storage (iOS Keychain, Android Keystore/StrongBox)
• Secure session management and device integrity checks (SafetyNet/Play Integrity, jailbreak detection)
• Experience with anti-tampering, anti-debugging, runtime integrity, and obfuscation techniques
  
  

Platform-Specific Expertise

• Android: Keystore APIs, hardware-backed keys, secure IPC, ProGuard/R8, native code security
• iOS: Secure Enclave, Data Protection APIs, ATS, secure networking, entitlements, provisioning profiles
  
  

Security Testing & Assessment

• Static/dynamic analysis of mobile apps
• Threat modeling methods (STRIDE, LINDDUN, attack trees)
• Familiarity with compliance and security frameworks (OWASP MASVS/MSTG, NIST, GDPR)
  
  

Meriting

• Certifications such as OSED, OSWE, GMOB, CEH, CISSP
• Experience with secure mobile wallets, authentication apps, or cryptographic libraries
• Strong communication skills, with the ability to translate security concepts into actionable developer guidelines
  
  

Start/Duration

Start: ASAP (indicative, by agreement)

Duration: By agreement

Location

Karlskrona (onsite 3 days/week or as agreed)

About Rasulson Consulting

Rasulson Consulting is a specialized staffing and recruitment firm within the IT sector. We partner with established technology companies as well as innovative startups to offer attractive career opportunities for professionals looking to grow within digital development and IT. With our strong technical expertise and extensive network, we effectively match the right consultant with the right assignment. At Rasulson Consulting, you will receive personalized guidance, ongoing feedback, and the opportunity to take the next step in your career.