Company Overview

Pay10 is transforming the way businesses and individuals engage with digital payments. As a rapidly growing fintech company, we’re building seamless, secure, and scalable solutions that power global commerce. Our mission is to simplify payments through innovation and technology, helping our partners and users transact with confidence across borders. At Pay10, you’ll be part of a collaborative and ambitious team driving meaningful impact in the future of finance.

About Role:

Building the Regional "Super App" Engine

We are Pay10 UAE. We are the Flagship Incubator for the region. We don't just build apps; we architect the Reference Implementation that sets the benchmark for the Middle East market.

We are looking for a Mobile Lead Developer who is a master of the "Hybrid" world. You must have deep roots in Native Development (Swift/Kotlin) and have evolved to master Flutter.

You aren't just coding screens; you are building a modular, secure, and white-labelable chassis. You will architect proprietary Internal SDKs, handle complex Banking Integrations, and act as the primary defense against Security Penetration Tests.

The Mandate (What You Own)

• The "Hybrid" Authority (Flutter + Native): You own the architecture of our modular Flutter application. Because you have a decade of experience, you know exactly when to stay in Dart and when to drop down to Swift/Kotlin for performance. You manage the Method Channels and native bridges yourself—no dependencies on unmaintained packages.
• SDK Development Strategy: You don't just consume SDKs; you build them. You will architect internal, reusable Pay10 Mobile SDKs (e.g., a "Payment Checkout" widget) that can be embedded into third-party merchant apps or other regional tenants.
• Security & Pentesting Remediation: You are responsible for the application's "Fort Knox" status. You proactively run vulnerability scans and fix issues flagged in Penetration Tests (OWASP Mobile Top 10), such as Insecure Data Storage, Jailbreak Detection bypassing, and Man-in-the-Middle attacks.
• The Design System Bridge: You are responsible for the "Figma-to-Flutter" pipeline. You actively maintain the code library of Design Tokens (Colors, Typography, Spacing) ensuring that if Design updates a token, it propagates to the app instantly.

The Scope (Your Domain)

You are responsible for the mobile delivery of our core pillars:

• Consumer Wallet: P2P transfers, QR Code scanning (Jaywan/Aani), and intricate transaction history animations.
• Banking & Payment Integration: Deep integration with Payment Gateways and Core Banking APIs. Handling ISO 8583 message parsing (if required at edge), 3DSecure web-view redirects, and complex T+1 settlement displays.
• Secure Local Storage: Architecting encrypted offline storage using SQLCipher, Hive (Encrypted), or Realm. Ensuring sensitive tokens and keys are never stored in plain text (Shared Preferences/User Defaults) but always in the Keystore/Keychain.
• Advanced OCR & eKYC: Architecting high-performance OCR pipelines using native camera APIs (CameraX/AVFoundation) for real-time edge detection, glare reduction, and image pre-processing before extracting data from Emirates IDs/Passports. integrating proprietary OCR SDKs (e.g., BlinkID, Regula) via optimized native bridges.
• Native Banking Hardware: Implementing native handling for NFC (Near Field Communication) to read contactless credit cards and biometric passport chips (ePassport). Accessing the Secure Enclave/Trusted Execution Environment (TEE) for hardware-backed cryptographic operations.
• Regional White-Labeling: Managing the theming engine that allows us to re-skin the app dynamically for different tenants within the region using Flavors.

Responsibilities

1. Architecture & Strategy

• Implement Clean Architecture with strict separation of concerns (Data, Domain, Presentation layers).
• Define the State Management strategy (Riverpod or BLoC) and enforce it across the squad.
• SDK Modularization: Decouple core features (e.g., "Bill Payments") into standalone packages/modules so they can be maintained or updated independently.

2. Engineering Leadership

• Security First: Lead the remediation of findings from external Security Audits. Implement Certificate Pinning (SSL), Code Obfuscation (ProGuard/DexGuard), and Anti-Tamper mechanisms.
• Code Quality Gate: You are the final approver on Pull Requests. You enforce strict linting rules and require Unit Tests for all business logic.
• CI/CD Pipeline: Work with DevOps to manage the automated build and release pipeline (Codemagic/Bitrise/Fastlane) for regional App Stores (Apple, Google, Huawei).

3. Integration & Innovation

• Native Bridge Building: Write custom Swift and Kotlin code to bridge gaps where Flutter plugins are insufficient or insecure (e.g., accessing specific hardware security modules).
• Banking Functionality: Implement specialized native features such as Check Scanning, Card Scanning (CardIO), and Geolocation-based Fraud Detection using native location services to ensure transaction legitimacy.
• Biometric Logic: Implement "Step-Up Authentication" logic using FaceID/TouchID for high-value transactions.

Who You Are (The SME We Need)

• The 10-Year Veteran: You remember the days of Objective-C and Java. You understand the Mobile Lifecycle deeply because you lived through the evolution of iOS and Android.
• The Security Hawk: You know what "Root Detection" really means. You know why storing an API Key in the code is a fireable offense.
• The Performance Obsessive: You know how to use the Flutter DevTools to find a frame drop. You know the cost of a setState() vs. a Consumer.
• The "Native" Native: You aren't afraid of opening Xcode or Android Studio. You understand Gradle build flavors and Info.plist permissions because you know Flutter relies on them.

Key Qualifications

• Experience: 10+ Years in Mobile Development.
• Must Have: Strong foundation in Native iOS (Swift/Obj-C) and Android (Kotlin/Java).
• Must Have: 4+ Years dedicated to Flutter in an Enterprise/Banking environment.
• Banking Expertise: Proven experience building Digital Wallets, Banking Apps, or Payment Terminals. Proficient with NFC Core (iOS) and Android NFC for reading banking cards/passports.
• OCR & Vision: Hands-on experience with Google ML Kit, Tesseract, or commercial OCR SDKs. Ability to write native camera controllers to optimize image quality for OCR.
• Security Expertise: Experience with Mobile Penetration Testing tools (Frida, Objection) and fixing security vulnerabilities. Experience implementing RASP (Runtime Application Self-Protection).
• SDK Development: Demonstrated experience building and distributing private SDKs/Libraries (CocoaPods, Maven, Pub.dev).
• Architecture: Deep understanding of Clean Architecture, MVVM, and Dependency Injection.
• State Management: Expert proficiency in BLoC (Business Logic Component) or Riverpod.