Peersight
Employers
Jobs
Companies
Top Cities
Log In
Jobs
Customer Service - Work from Home Product Tester at Home Service Sales Representative Sales Representative Sales Representative Service Flooring Sales Associate Sales Representative Sales Representative Part Time Sales Product Tester at Home Product Tester at Home Product Tester at Home Part Time Sales Line Cook Customer Service - Work from Home Service client Service Bilingual Customer Service - French and Sales Customer Service - Work from Home Customer Service - Work from Home Lumber Sales Associate Product Tester at Home Product Tester at Home Product Tester at Home Customer Service - Work from Home Cashier - Daytime Availability Receiving Associate Full Time Service In-Home Usage Tester Customer Service - Work from Home In-Home Usage Tester Product Tester at Home Product Tester at Home Bilingual Customer Service - French and In-Home Usage Tester Service In-Home Usage Tester Marchandiseurs en Vente In-Home Usage Tester Customer Service - Work from Home Customer Service - Work from Home Customer Service - Work from Home Senior Accountant Product Tester at Home Product Tester at Home Product Tester at Home Service client Newest Jobs
Companies
Yelp ContactMonkey CareGuide Sterling-Turner Clearbanc Two Sigma WeWork Aecom Exact Media Aerotek Jane Street First Convenience Bank Doordash AsteroidX AT&T Shopify Insight Global Creative Circle Hatchways Clickworker Borrowell Square Vector Marketing Amazon Flex LowCostWebDesignFirm.com Walgreens Recovhub Instacart American Income Life Scotiabank 51talk TD Bank Microsoft Akira Paylocity UnitedHealth Group Top Hat CI&T mappedin Desjardins Checkout 51 Mobeewave The Youth Connection GoParkr Peel Regional Police Hootsuite autoTRADER.ca ScribbleLive SnapTravel Xiaomi All Companies
Top Cities
Chicago, Illinois Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs New York, New York Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Toronto, Ontario Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Vancouver, British Columbia Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Calgary, Alberta Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs San Francisco, California Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Montréal, Quebec Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Los Angeles, California Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs
Navigation
My Profile Log Out

Mobile Security Engineer At Bank of America

Location: Chicago, Illinois

Job Description

Job Description:

Mobile Security Engineer is a key individual contributor who reports to the Senior Mobile Security Engineer/Architect lead on the GIS Cybersecurity Technology team. The Mobile Security Engineers are responsible for mobile security across broad portfolio of systems which include large scale employee mobile and consumer facing mobile apps, assessment and introduction of new, emerging mobile technologies. Mobile Security Engineers are responsible for architecture, engineering and design of mobile security solutions/systems, with accountability for research, design, engineering, implementation, and support of a broad spectrum of mobile security initiatives which include both software and hardware.

This role will include analysis of mobile apps, mobile vulnerabilities, mobile frameworks, mobile device/app management, mobile development solutions, and assessment of risks introduced by mobility; working knowledge of mobile based operating systems are required E.g. iOS and Android. Some key areas of focus: Vulnerability analysis, MTD, MARS, EA/DMZ request, Threat Models/Rapid Threat Assessments, MDM/MAM configuration, Test.

The ideal candidate will possess expertise in several of the following areas:

  • Mobile App Development
  • Mobile Device Management/MDM and OS patching
  • Mobile App Management/MAM and app updates/patching
  • Mobile App Containerization and Wrapper Technologies
  • Mobile Operating Systems and Platforms
  • Mobile Testing, Quality Assurance and Security Verification
  • Mobile App Signing and Certificate Governance
  • Mobile Authentication (FIDO, OAuth, etc.)
  • Mobile Code Protection, Obfuscation and Tamper Resistance
  • RESTful Services
  • Mobile Threat Modeling
  • Mobile Vulnerabilities (CVE, CVSS, CWE ratings, etc.)

Required Skills and Responsibilities:

  • Mobile specific technical skills
    • Mobile app software development experience including app signing across platforms preferable
    • Mobile app software delivery experience preferable
    • Familiarity with mobile security vulnerability assessment techniques during design, development and testing
    • Familiarity with mobile platform attack and defense techniques
    • Familiarity with MDM, MAM
    • Experience with iOS and Android platforms
    • Experience with Swift, Objective-C and Java for mobile development
    • Experience with mobile security testing and QA
    • Experience conducting mobile security reviews preferable
    • Knowledge of mobile app penetration/testing
  • Contribute to the continued development of mobile ecosystem governance for internal MARS (mobile app registry system) system and ensuring bank apps adhere to bank policies, standards and guidelines
  • Collaborate with architecture, BISO, LOB and enterprise teams regarding mobile device and app management implementations and deployments; mobile app and certificate signing processes and related policies
  • Partner to create threat models and rapid threat assessments supporting enterprise systems (MAM, MDM) and bank mobile apps, threat models will enumerate threats by attack surface, and identify countermeasure options `
  • Collaborate with internal GIS and enterprise teams to use tools within the SDLC relevant to strengthening mobile security including partnering with mobile developer/solutions architect support; promote use of threat modeling, reference design patterns, source code analysis, mobile ethical hacks, brand identity, vulnerability detection.
  • Partner to identify and implement defensive controls for bank mobile devices, and aid in implementing methods and processes for production deployment E.g. Mobile Threat Defense [Lookout, Skycure, Zimperium, etc] in partnership with CSD and CTO/FC teams
  • Build and execute on a hardening checklist for different platforms – iOS, Android, Blackberry. Define security design patterns for Strong Authentication, Encryption, and Integrity, further refine Mobile Security Playbook, Mobile Security Capabilities Catalog and wiki.
  • Pro-actively engage stakeholders, including development managers, developers, architects, and governance bodies in the Bank to achieve security objectives
  • Deliver multiple technology projects across multiple teams
  • Regularly interact with senior technology and business management, requiring the ability to explain complex technical matters in a way both technical and non-technical personnel can understand
  • Collaboratively develop technical architectures, processes and procedures pursuant to mobile application security objectives together with business and technical partners
  • Develop policies, processes and procedures to advance mobile ecosystem governance security objectives for adoption throughout the Bank
  • Contribute to and interpret enterprise policies, standards, and baselines and mentor personnel with less experience or knowledge of the same
  • Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.

Required Experience Level:

  • 5-10 years of experience with mobile or information security, working with mobile app dev teams and / or software development, at least 2 years of experience focused on mobile security
  • Bachelor’s Degree in Computer Science, Engineering or equivalent or higher in CS, IT, a related technical or engineering field.
  • CISSP or similar professional certification, or commensurate experience

Desired Skills:

  • Experience with Threat Modeling
  • Experience working in the financial sector
  • Demonstrated understanding of security vulnerabilities, attacks and ability to apply/implement appropriate controls or find new ones based on new technology being developed.
  • You are enthusiastic and committed to your work. You do this because you love it.

We are building a team of great Mobile Security Engineering resources who will work together to architect, design, build and deliver secure mobile solutions at scale. If this sounds like you then please get in touch.

Shift:

1st shift (United States of America)

Hours Per Week:

40