Are you excited about winning in cloud, security, and mobility? We are looking for passionate people to help us build the next chapter of MobileIron. Join us as we rapidly innovate to meet the needs of our growing customer base.
- Work to ensure the security of mobile applications and server platforms throughout the portfolio, with a focus on mobile
- Identify best practices in secure development and implementation, and evangelize these in the organization
- Identify improvements and iterate on the Secure Development Lifecycle at MobileIron
- Threat model areas of risk within the existing applications
- Be an active evangelist of security in the pipeline, working to identify tools, techniques, and frameworks to assist in finding security bugs at the earliest stages.
- Act as the application security subject matter expert for product security issues internally and the field
- Perform penetration testing on our internal- and external-facing applications
- Perform threat modeling for existing applications
- Work as a member of the Product Security Incident Response Team when escalations from the field arise.
- Collaborate with the operations teams to ensure secure deployment and pipeline practices
- Identify techniques and tools to improve the anomaly monitoring of infrastructure and products across the MobileIron portfolio
- Significant background in at least one language (Preference towards Python and Java).
- Significant background in Mobile Operating System Security (iOS/Android), knowledge of both are a plus
- Significant experience with security tooling in a CI/CD pipeline
- Significant experience with application security practices and secure development lifecycles
- Experience with red team testing
- Solid understanding of networking fundamentals and network security considerations
- Solid understanding of certificates, encryption, and network security
- Experience with REST API design, development, and testing
- Intermediate skill level and experience working with industry standard cybersecurity frameworks, such as NIST CSF, ISO 27001, CIS Benchmarks, HITRUST, etc.
- 5 or more years in application security testing, including dynamic & static code scanning
Nice to Have
- Experience with DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc)
- Strong preference for experience with public cloud infrastructure and security best practices, particularly AWS
- Innate curiosity and ability to learn. Individual should be confident in picking up new technologies and pivoting when the role requires, given the fast paced agile development environment we support.
- Communication and presentation are critical. You will be working with a global cross-functional team to address challenging technical problems and aligning security engineering practices with business realities.
- Critical thinking and troubleshooting are paramount. Practical, creative solutions to difficult problems are key.
- Passion for security. We’re looking for people who genuinely care about working to create a secure product with modern, agile facing practices.
- Sharp eye for detail. With security, the devil is in the details. We’re looking for people who can find the needle in the haystack that could put our customers at risk.