Title: Android (SDET)
Location: SFO, CA (5 Days Onsite)
Skills: Security, Compliance, QS, RM
Job Description:
We are seeking an Android SDET (Security Compliance, QS, RM) resource with 8+ years of professional experience. An SDET specializing in Security Compliance, Quality Systems (QS), and Risk Management (RM) ensures that Android applications or system-level software meet strict security standards, regulatory requirements, and high-quality benchmarks. They create automated security test frameworks, validate compliance, and assess risk.
This role requires close collaboration with cross-functional teams, adherence to engineering standards, architecture patterns, and Agile practices, and ownership of service quality and delivery.
Key Responsibilities
- Security Automation: Architect, develop, and maintain automated security test frameworks, focusing on mobile-specific security requirements (e.g., encryption, permissions, data leakage). Develop automated test suites to validate security protocols such as encryption-at-rest, secure data transit, and access controls. Implement "Compliance Jobs" to detect rooted/jailbroken devices or outdated security patch levels across a fleet.
- Quality Standards: Design and maintain advanced automation frameworks for Android internals, including the System Framework and Kernel layers. Define the "high security bar" for products by analyzing regulatory and certification requirements.
- Compliance & Risk Management: Evaluate applications against security compliance standards (e.g., GDPR, HIPAA, SOC 2, FIPS 140-2) and internal quality system requirements. Take ownership of product quality during monthly release cycles, coordinating with Program Managers and QA leads.
- Vulnerability Assessment: Perform penetration testing, security assessments, and risk analysis to identify potential flaws in Android applications and systems.
- Android Internals Testing: Conduct in-depth debugging, using Android tools such as ADB, logcat, and tombstones to root-cause issues.
- CI/CD Integration: Integrate security scanners and automated test suites into CI/CD pipelines to ensure compliance throughout the development lifecycle.
- Risk Mitigation: Define security test strategies that focus on high-risk areas, implementing controls and ensuring compliance with regulatory requirements.
Mandatory Technical Skills & Competencies
- Android Expertise: Strong knowledge of Android SDK, system architecture, and mobile security.
- Expert in debugging using Android tools like ADB, logcat, and tombstones.
- Programming Skills: Proficiency in programming languages such as Kotlin, Java, Python, or C++.
- Automation Experience: 8+ years of experience with automation frameworks like Appium, Espresso, or UI Automator.
- Security Knowledge: Familiarity with security protocols, encryption methodologies, and threat modeling.
- Regulatory Familiarity: Understanding of data protection laws and industry regulations (e.g., GDPR, DORA, NIS2).
- Knowledge of monitoring tools such as Prometheus, Grafana, or ELK stack.
- Understanding of distributed tracing and logging.
- Cloud concepts such as fundamentals, App Configuration / App Settings, Key Vault, Cache, Service Bus (queues/topics), event-driven architecture, Blob Storage, cloud security, scalability, and resiliency patterns.
- Understanding of microservice development: design, implementation, middleware (Kafka), filters, exception handling, logging, authentication and authorization (JWT/OAuth concepts), performance optimization, and secure coding practices.
- Agile and Collaboration Tools: Sprint planning, work item tracking, agile delivery, technical documentation, and knowledge sharing.