REMOTE- SR. Android Developer- C++-Mobile App Security
CyberCoders Phoenix, AZ
- Posted: over a month ago
- $150,000 to $200,000 Yearly
Design and write secure, modular, high-performance orchestration libraries for Android that perform the following functions:
Verify device integrity
Handle device authentication and attestation with the Certificate Authority backend
Secure and initiate the capture process for camera and other sensors
Perform cryptographic operations including generating cryptographic keys, generating certificate signing requests, hashing to generate multihash- and multibase- formatted digests, and generating digital signatures
Manage long-term and short-term secrets storage, including authentication credentials and digital signature keys
Provide the primary abstracted interface to upper-layer containing apps
Function consistently on a broad spectrum of device models, underlying hardware capabilities, and operating system versions
Work closely with Android sensor R&D engineers to integrate their sensor data acquisition and file writing modules with the above mentioned orchestration libraries, into a coherent, high-performance secure camera SDK with minimal storage and memory footprint.
Work closely with the Certificate Authority team, the hardware security team, and the product engineering team on designing a secure, scalable protocol for mobile device authentication and attestation.
Be accountable to the product engineering team for secure camera SDK stability, footprint, and performance
Contribute to the creation of an open standard for authenticatable media files alongside industry heavyweights such as Adobe, Twitter, Microsoft, and more.
Collaborate with the broader R&D team on a unified architectural approach to Controlled Capture technology
Have experience developing Android apps or libraries for high security applications
Have expertise with C, C++, and either Java or Kotlin
Have experience implementing proactive defenses against device compromise, rooting, jailbreaking, peripheral spoofing, buffer manipulation, authentication abuse, authentication bypass, state manipulation, code injection, and MITM attacks.
Have experience with code obfuscation and passing penetration testing
Have experience designing and implementing secure communication protocols to interface with backend servers
Have superb communication skills and the ability to make compelling data-driven arguments for your architectural and implementation recommendations
Have prior experience building SDKs or reusable libraries for Android, using AAR bundles and Maven
Have knowledge of Public Key Infrastructure (PKI) concepts, including internet standards for cryptographic algorithms, hashing schemes, digital signature schemes, trusted time-stamping, and cryptographic certificates.
Have experience with leveraging mobile device attestation technologies on Android
Have experience with leveraging platform security tools such as Android StrongBox KeyStore for generating, storing, and managing authentication and signature secrets
- Android SDK
- Penetration Testing
- buffer manipulation
- state manipulation
- Code Injection
- MITM attacks
- authentication abuse
Applicants must be authorized to work in the U.S.
CyberCoders, Inc is proud to be an Equal Opportunity Employer
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.
Your Right to Work – In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification document form upon hire.
TechnologyView all jobs at CyberCoders