Qureos


Mobile Application Penetration Tester

Role Summary

You will lead and execute mobile application penetration tests on iOS and Android platforms for clients that include financial institutions and regulated enterprises. Expect real targets, complex business logic, and engagements where your findings directly harden production systems.

Key Responsibilities

  • Conduct end-to-end penetration tests on Android (APK/AAB) and iOS (IPA) applications following OWASP MASVS and MSTG methodologies.
  • Perform static analysis (SAST), dynamic analysis (DAST), and runtime instrumentation using Frida, Objection, and custom tooling.
  • Reverse engineer mobile binaries using Jadx, Ghidra, Hopper, IDA, and Apktool to identify vulnerabilities and bypass client-side controls.
  • Assess API and backend security (REST, GraphQL, gRPC) as part of mobile engagements, including authentication, authorization, and session management flaws.
  • Bypass anti-tamper, SSL/certificate pinning, root/jailbreak detection, and code obfuscation.
  • Identify hardcoded secrets, insecure storage, weak cryptography, insecure IPC, deep link abuse, and platform misconfigurations.
  • Write client-ready reports with executive summaries, technical findings, severity ratings, reproduction steps, and remediation guidance.
  • Present findings to technical and non-technical stakeholders, including debrief calls and retest cycles.
  • Contribute to internal tooling, methodology, and knowledge base.

Required Qualifications

  • 2+ years of hands-on mobile penetration testing experience.
  • Strong grasp of OWASP MASVS, MSTG, and Mobile Top 10.
  • Proficiency with Burp Suite, Frida, Objection, MobSF, Jadx, Apktool, Ghidra, and proxy interception on mobile.
  • Experience with SSL pinning bypass, root/jailbreak detection bypass, and runtime hooking.
  • Working knowledge of Android internals (Dalvik/ART, Smali, AndroidManifest, intents, content providers) and iOS internals (Objective-C/Swift, entitlements, Keychain, URL schemes).
  • API security testing skills (OWASP API Top 10).
  • Scripting in Python or Bash, with the ability to write custom Frida scripts in JavaScript.
  • Strong technical writing and root-cause analysis.
  • Comfortable working independently and managing engagement timelines.

Preferred Qualifications

  • Certifications: OSCP, eMAPT, OSWE, CRTP, GMOB, or equivalent.
  • CVE credits, bug bounty track record (HackerOne, Bugcrowd, Synack), or published research.
  • Experience testing banking, fintech, or healthcare mobile apps, especially in regulated environments (SBP, HIPAA).
  • Familiarity with SAST/DAST automation and CI/CD security integration.
  • Experience with Smali patching, custom APK repackaging, and Magisk/Zygisk modules.
  • Understanding of mobile malware analysis and threat modeling (STRIDE, PASTA).

Job Types: Full-time, Contract
Contract length: 12 months

Work Location: Hybrid remote in Johar Town, Lahore

© 2026 Qureos. All rights reserved.