T
Posted 7 hours ago
Senior/Staff Mobile Security Engineer
Tools for HumanitySenior/Staff Mobile Security Engineer
Perks & benefits
Health InsuranceMedical InsurancePaid LeaveCommissionRelocation AllowanceVisa
Requirements
8+ years mobile security experience, Expertise in Android or iOS, Mobile device attestation experience, Mobile application hardening expertise, Reverse engineering skills, Proficiency in Kotlin, Java, or Swift
Skills
AndroidiOSMobile Security
About the role
About the Company
Tools for Humanity (TFH) designs and builds technology behind World. World is building a real human network designed to accelerate people in the age of AI. The TFH and World tech stacks make this possible: the Orb verifies real, unique people, World ID proves it privately, and World App puts these capabilities, and more, in people’s hands.
Responsibilities
- Design, build, and operate mobile device attestation and integrity verification systems across Android and iOS
- Engineer anti-tampering, anti-hooking, and runtime integrity protections for the World App
- Own the mobile hardening strategy end-to-end including certificate pinning, secure storage, and obfuscation
- Design cryptographic protocols for on-device biometric authentication resistant to replay and deepfake attacks
- Build and maintain server-side attestation verification infrastructure
- Lead threat modeling for mobile-specific attack surfaces like biometric bypass and key extraction
- Embed security into the mobile development lifecycle through deep code reviews and automated CI/CD checks
- Mature the mobile vulnerability management process and manage vendor relationships
Requirements
- 8+ years of hands-on experience in mobile security engineering
- Deep expertise in Android or iOS (ideally both)
- Proven experience designing mobile device attestation systems (Android KeyStore, Apple App Attest, etc.)
- Strong background in mobile application hardening and runtime integrity protection
- Experience with mobile reverse engineering and offensive security tools like Frida or Objection
- Proficiency in Kotlin/Java (Android) and/or Swift (iOS)
- Experience securing on-device cryptographic operations and hardware-backed keys
- Strong understanding of mobile-specific attack vectors like overlay attacks and biometric bypass
Preferred Qualifications
- Experience building server-side attestation verification services
- Experience with RASP vendor evaluation (Zimperium, Guardsquare, etc.)
- Background in payment security or PCI-compliant mobile applications
- Familiarity with zero-knowledge proofs or on-device biometric processing
- Experience with Rust, Go, or Python for backend security tooling
ScoutJobs Agent
Get matches like this delivered daily
Sign up free — we'll pull jobs that fit your CV from across the web and rank them for you.
Get started — it's freeSenior/Staff Mobile Security Engineer
Tools for Humanity · San Francisco
