Job Description

Security Expert

Swedium Global is seeking an experienced and passionate Security Expert with a strong focus on Mobile App and SDK Security to join our team. In this role, you will be a key contributor to our development project, ensuring the delivery of a highly secure and robust product designed for sensitive financial transactions.

Your expertise in mobile application security, secure coding practices, vulnerability assessment, and threat mitigation will directly influence the safety and trust our customers place in our solutions.

As a central person in the project, you will collaborate closely with developers, architects, and product managers to integrate security at every stage of the lifecycle, ensuring our mobile platform meets the highest security standards.

Foundational Security Knowledge:

Cryptography expertise:

  • Understanding of asymmetric and symmetric cryptography.
  • Secure key generation, management, and destruction practices.
  • Familiarity with standards (PKCS#11, PKCS#12, FIPS 140-3, NIST SP 800 series, RFCs on TLS/cryptography).

Mobile platform security models:

  • Android security architecture (Linux kernel, SELinux, permission model, sandboxing).
  • iOS security architecture (Secure Enclave, sandboxing, code signing, entitlements).
  • Platform-specific secure storage (Keychain on iOS, Keystore/StrongBox on Android).

Platform-Specific Technical Skills:

Android:

  • Proficiency with Android Keystore APIs, Hardware-Backed Keys, and StrongBox.
  • Experience with SafetyNet/Play Integrity API for device integrity checks.
  • Knowledge of secure IPC and Binder communication.
  • Familiarity with obfuscation, ProGuard/R8, and native code security.

iOS:

  • Deep understanding of the Secure Enclave, Keychain, and Data Protection APIs.
  • Experience with App Transport Security (ATS) and secure networking frameworks (URLSession, Network.framework).
  • Knowledge of entitlements, provisioning profiles, and jailbreak detection techniques.

Secure Execution & Communication:

  • Secure session management.
  • Mitigation of common mobile threats.
  • Secure execution practices: anti-debugging, anti-tampering, runtime integrity checks.
  • Familiarity with hardware-backed enclaves (TEE, ARM TrustZone, Apple Secure Enclave).

Security Testing & Assessment:

  • Static and dynamic analysis.
  • Threat modelling (STRIDE, LINDDUN, attack trees) specific to mobile cryptographic apps.
  • Experience with compliance and standards (OWASP MASVS/MSTG, NIST, GDPR).

Professional & Soft Skills:

Certifications (nice to have, not must):

  • Offensive Security: OSED, OSWE (web/app exploitation).
  • GIAC Mobile Device Security Analyst (GMOB).
  • Certified Ethical Hacker (CEH).
  • CISSP with strong focus on cryptography and application security.

Industry experience:

  • Prior work with secure mobile wallets, authentication apps, or cryptographic libraries.

Communication skills:

  • Ability to translate complex security recommendations into practical development guidelines for mobile engineers.

Job Overview

  • Location: Malmo, Sweden
  • Vacancy: 1