Top Cities
Log In
ACCOUNTANT Accounting Technician Finance Finance and Accounting Development Entry Level Accounting Specialist Accounting Clerk Accountant Accounts Payable Specialist Regional Controller ACCOUNTANT Staff Accountant Accountant-Analyst Accountant Graduate Accountant - Dallas - Part Time Staff Accountant Capital Accountant -Hilton Anatole Accounts Payable Specialist Accountant National Geographic Accounting Intern - Financial Controller ACCOUNTANT III Accountant Financial Analyst Accounting Assistant Accounts Payable Specialist III Payroll Coordinator Finance Development Program Accountant Accountant Accountant Staff Accountant Accountant Budget Analyst General Accountant I Associate Accountant Accounts Payable Clerk Accounting Manager Accounting Clerk Staff Accountant Account Clerk 2 - Cashier Property Accountant Staff Accountant STAFF ACCOUNTANT Accountant II Full Time Days at Abrazo Fund Accountant - Hedge Fund STAFF ACCOUNTANT ACCOUNTANT II Accountant II Accounting Associate I Corps Accountant_Admin-101 Sr Accountant Newest Jobs
Yelp ContactMonkey Sterling-Turner CareGuide Clearbanc Aecom Two Sigma Aerotek WeWork Exact Media Jane Street Doordash First Convenience Bank AsteroidX AT&T Shopify Borrowell Insight Global Hatchways Creative Circle Square Instacart Amazon Flex American Income Life Vector Marketing Recovhub Walgreens Clickworker Scotiabank Akira Peel Regional Police 51talk Microsoft TD Bank UnitedHealth Group Top Hat Paylocity CI&T Desjardins mappedin Checkout 51 Mobeewave The Youth Connection GoParkr Hootsuite ScribbleLive SnapTravel Xiaomi All Companies
Top Cities
Chicago, Illinois Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs New York, New York Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Toronto, Ontario Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Vancouver, British Columbia Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Calgary, Alberta Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs San Francisco, California Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Montréal, Quebec Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs Los Angeles, California Sales Jobs Engineering Jobs Marketing Jobs Product Jobs Design Jobs Customer Support Jobs
My Profile Log Out

Mobile Security Engineer At Bank of America

Location: Chicago, Illinois

Job Description

Job Description:

Mobile Security Engineer is a key individual contributor who reports to the Senior Mobile Security Engineer/Architect lead on the GIS Cybersecurity Technology team. The Mobile Security Engineers are responsible for mobile security across broad portfolio of systems which include large scale employee mobile and consumer facing mobile apps, assessment and introduction of new, emerging mobile technologies. Mobile Security Engineers are responsible for architecture, engineering and design of mobile security solutions/systems, with accountability for research, design, engineering, implementation, and support of a broad spectrum of mobile security initiatives which include both software and hardware.

This role will include analysis of mobile apps, mobile vulnerabilities, mobile frameworks, mobile device/app management, mobile development solutions, and assessment of risks introduced by mobility; working knowledge of mobile based operating systems are required E.g. iOS and Android. Some key areas of focus: Vulnerability analysis, MTD, MARS, EA/DMZ request, Threat Models/Rapid Threat Assessments, MDM/MAM configuration, Test.

The ideal candidate will possess expertise in several of the following areas:

  • Mobile App Development
  • Mobile Device Management/MDM and OS patching
  • Mobile App Management/MAM and app updates/patching
  • Mobile App Containerization and Wrapper Technologies
  • Mobile Operating Systems and Platforms
  • Mobile Testing, Quality Assurance and Security Verification
  • Mobile App Signing and Certificate Governance
  • Mobile Authentication (FIDO, OAuth, etc.)
  • Mobile Code Protection, Obfuscation and Tamper Resistance
  • RESTful Services
  • Mobile Threat Modeling
  • Mobile Vulnerabilities (CVE, CVSS, CWE ratings, etc.)

Required Skills and Responsibilities:

  • Mobile specific technical skills
    • Mobile app software development experience including app signing across platforms preferable
    • Mobile app software delivery experience preferable
    • Familiarity with mobile security vulnerability assessment techniques during design, development and testing
    • Familiarity with mobile platform attack and defense techniques
    • Familiarity with MDM, MAM
    • Experience with iOS and Android platforms
    • Experience with Swift, Objective-C and Java for mobile development
    • Experience with mobile security testing and QA
    • Experience conducting mobile security reviews preferable
    • Knowledge of mobile app penetration/testing
  • Contribute to the continued development of mobile ecosystem governance for internal MARS (mobile app registry system) system and ensuring bank apps adhere to bank policies, standards and guidelines
  • Collaborate with architecture, BISO, LOB and enterprise teams regarding mobile device and app management implementations and deployments; mobile app and certificate signing processes and related policies
  • Partner to create threat models and rapid threat assessments supporting enterprise systems (MAM, MDM) and bank mobile apps, threat models will enumerate threats by attack surface, and identify countermeasure options `
  • Collaborate with internal GIS and enterprise teams to use tools within the SDLC relevant to strengthening mobile security including partnering with mobile developer/solutions architect support; promote use of threat modeling, reference design patterns, source code analysis, mobile ethical hacks, brand identity, vulnerability detection.
  • Partner to identify and implement defensive controls for bank mobile devices, and aid in implementing methods and processes for production deployment E.g. Mobile Threat Defense [Lookout, Skycure, Zimperium, etc] in partnership with CSD and CTO/FC teams
  • Build and execute on a hardening checklist for different platforms – iOS, Android, Blackberry. Define security design patterns for Strong Authentication, Encryption, and Integrity, further refine Mobile Security Playbook, Mobile Security Capabilities Catalog and wiki.
  • Pro-actively engage stakeholders, including development managers, developers, architects, and governance bodies in the Bank to achieve security objectives
  • Deliver multiple technology projects across multiple teams
  • Regularly interact with senior technology and business management, requiring the ability to explain complex technical matters in a way both technical and non-technical personnel can understand
  • Collaboratively develop technical architectures, processes and procedures pursuant to mobile application security objectives together with business and technical partners
  • Develop policies, processes and procedures to advance mobile ecosystem governance security objectives for adoption throughout the Bank
  • Contribute to and interpret enterprise policies, standards, and baselines and mentor personnel with less experience or knowledge of the same
  • Ability to undertake and complete tasks independently, meet schedules and delivery timelines, and to move swiftly from concepts and theory to action.

Required Experience Level:

  • 5-10 years of experience with mobile or information security, working with mobile app dev teams and / or software development, at least 2 years of experience focused on mobile security
  • Bachelor’s Degree in Computer Science, Engineering or equivalent or higher in CS, IT, a related technical or engineering field.
  • CISSP or similar professional certification, or commensurate experience

Desired Skills:

  • Experience with Threat Modeling
  • Experience working in the financial sector
  • Demonstrated understanding of security vulnerabilities, attacks and ability to apply/implement appropriate controls or find new ones based on new technology being developed.
  • You are enthusiastic and committed to your work. You do this because you love it.

We are building a team of great Mobile Security Engineering resources who will work together to architect, design, build and deliver secure mobile solutions at scale. If this sounds like you then please get in touch.


1st shift (United States of America)

Hours Per Week: