Mobile Application Penetration Tester (iOS & Android) at Jobgether

This position is posted by Jobgether on behalf of Zimperium. We are currently looking for a Mobile Application Penetration Tester (iOS & Android) in India.

This role offers the opportunity to join a high-impact cybersecurity environment where your expertise will directly protect mobile users and enterprises against next-generation threats. You will work on advanced security assessments of iOS and Android applications, applying cutting-edge methodologies to uncover vulnerabilities and strengthen overall resilience. The position demands hands-on penetration testing skills, deep technical knowledge, and creativity to simulate real-world adversarial attacks. Collaborating closely with development and security teams, you will contribute to building safer mobile ecosystems while staying ahead of evolving attack vectors. This is a challenging, dynamic position for professionals passionate about mobile security and advanced exploitation techniques.

Accountabilities

As a Mobile Application Penetration Tester, you will:

- Conduct end-to-end penetration testing of iOS and Android apps, including static, dynamic, and runtime analysis.
- Evaluate mobile API integrations, authentication, encryption, and data storage mechanisms.
- Identify and exploit critical vulnerabilities such as insecure storage, weak cryptography, jailbreak/root bypasses, insecure code, and logic flaws.
- Utilize runtime instrumentation frameworks (Frida, Objection, Xposed) for advanced dynamic testing.
- Perform certificate pinning bypass, hooking, and traffic interception with advanced proxy techniques.
- Assess and attempt evasion of app protections (root/jailbreak detection, code obfuscation, anti-debugging, tamper protection).
- Develop custom scripts and exploits in Python, Java, Swift, Kotlin, or C++ to simulate advanced attacks.
- Produce detailed penetration test reports with risk ratings, PoCs, and actionable remediation guidance.
- Support Red Team exercises by simulating adversarial mobile endpoint attacks.
- Collaborate with development and security stakeholders to integrate secure coding and SDLC practices.

Requirements

The ideal candidate brings strong technical expertise, problem-solving ability, and a hacker mindset.

- 5+ years in penetration testing, with at least 3 years focused on iOS and Android apps.
- Solid knowledge of OWASP Mobile Top 10 and NIST guidelines.
- Expertise with tools for static & reverse engineering (Apktool, JADX, Ghidra, Hopper, IDA Pro, Radare2, JD-GUI).
- Advanced experience in runtime/dynamic testing using Frida, Objection, Cycript, LLDB, and Xposed.
- Familiarity with automation frameworks (MobSF, Drozer, Appium) and proxy tools (Burp Suite Pro, OWASP ZAP, MITM tools).
- Strong understanding of Android and iOS security internals, including sandboxing, Keychain, Secure Enclave, and OS models.
- Hands-on use of jailbroken and rooted devices for advanced exploitation.
- Knowledge of cryptography, TLS, cert pinning, and secure storage.
- Ability to think creatively like an attacker, going beyond automated findings.
- Preferred certifications: OSCP, OSEP, OSED, OSWE, OSMR, EWPTX, EWAPT, CRTP, CRTE (others like CEH or CAP are considered a plus).

Company Location: India.