
Job Description

Key Responsibilities

  • Perform security testing of Android and iOS mobile applications used in digital payment ecosystems
  • Conduct manual and automated mobile security testing aligned with:
      • OWASP Mobile Top 10
      • OWASP MASVS & MSTG
  • Identify vulnerabilities related to:
      • Insecure data storage
      • Weak cryptography
      • Insecure communication
      • Authentication & authorization flaws
      • Business logic issues in payment flows
  • Perform runtime instrumentation and dynamic analysis using:
      • Frida, Objection, Xposed
  • Reverse engineer mobile applications using:
      • APKTool, JADX (Android)
      • Basic iOS reverse engineering tools (class-dump, Hopper, Ghidra)
  • Intercept and analyze mobile traffic using:
      • Burp Suite (Mobile Assistant preferred)
      • mitmproxy / Charles Proxy
  • Test mobile backend APIs supporting payment workflows using:
      • Burp Suite, Postman
  • Validate security of payment features, including:
      • UPI, wallets, cards, tokenization
      • OTP, MFA, session management
  • Prepare high-quality vulnerability reports with:
      • Risk assessment
      • Proof of Concept (PoC)
      • Clear remediation guidance
  • Support retesting and vulnerability closure
  • Work closely with development and product teams to explain findings and fixes

R&D Mindset & Innovation (Mandatory)

  • Strong research-driven mindset to explore vulnerabilities beyond standard checklists
  • Ability to research and validate new attack vectors in mobile and FinTech environments
  • Regularly analyze:
      • New Android/iOS versions and security changes
      • Advanced bypass techniques (SSL pinning, root/jailbreak detection)
  • Develop custom test cases for complex payment and business logic scenarios
  • Contribute to:
      • Internal tools, scripts, and testing methodologies
      • Knowledge sharing and security best practices
  • Ability to independently validate false positives and negatives

Scripting & Automation Skills (Mandatory)

  • Hands-on scripting experience in one or more of the following:
      • Python: automation, PoC development, API testing
      • JavaScript: Frida hooks and runtime manipulation
      • Bash: automation and tooling
  • Ability to:
      • Write and modify custom Frida scripts
      • Automate repetitive testing and analysis tasks
      • Customize open-source tools for specific app behaviors
  • Strong understanding of secure coding flaws through runtime and code-level analysis

Mandatory Skills & Experience

  • 3-4 years of experience in mobile application security testing
  • Strong understanding of Android and iOS security architectures
  • Hands-on experience with:
      • MobSF, AndroBugs, QARK
      • Frida, Objection
      • Burp Suite
  • Experience testing BFSI / FinTech / Digital Payment applications
  • Strong knowledge of:
      • OWASP Mobile Top 10
      • OWASP API Top 10 (supporting APIs)

Good to Have

  • Exposure to PCI-DSS, RBI, or CERT-In security requirements
  • Experience with CI/CD integration for mobile security testing
  • Basic understanding of cloud and backend security supporting mobile apps
  • iOS security testing experience is a strong plus

Job ID: 138856017