Security Expert - Android

Who We Are

At MittLogik Group, we’re driven by a passion for solving complex challenges through technology. As a growing IT services provider, we specialize in delivering high-impact consulting and engineering expertise across the Automotive, Embedded Systems, and Telecom industries.

With a strong focus on quality and adaptability, we help our clients accelerate development, scale innovation, and stay ahead in fast-moving technical environments. Our ability to connect niche talent with critical projects has made us a trusted partner to both startups and industry leaders.

Recognized with the DI Gasell award in 2020, 2021, and 2023, we’re proud to be one of Sweden’s fastest-growing companies.

Headquartered in Lund, with teams across Stockholm, Gothenburg, Linköping, and Bangalore, we operate globally with a local mindset.

Explore more at mittlogik.se

Summary:

We are seeking an experienced and passionate Mobile App & SDK Security Expert to join our team. In this role, you will be a key contributor to our development project, ensuring the delivery of a highly secure and robust mobile platform designed for sensitive financial transactions.

You will work closely with developers, architects, and product managers to integrate security at every stage of the software lifecycle, applying your expertise in mobile application security, secure coding practices, vulnerability assessment, and threat mitigation.

Key Responsibilities:

• Design and implement security measures for mobile apps and SDKs on Android and iOS platforms.
• Conduct vulnerability assessments, threat modeling (STRIDE, LINDDUN), and risk analysis for mobile cryptographic applications.
• Ensure secure execution, including anti-debugging, anti-tampering, and runtime integrity checks.
• Manage cryptographic keys and secure storage: Android Keystore, StrongBox, iOS Keychain, Secure Enclave.
• Enforce secure communication and session management across platforms.
• Collaborate with development teams to translate complex security requirements into practical guidelines.
• Conduct static and dynamic security testing, ensuring compliance with standards (OWASP MASVS/MSTG, NIST, GDPR).
• Keep up-to-date with mobile security trends, threats, and best practices.

Required Skills & Expertise:

• Strong foundation in cryptography, including symmetric/asymmetric encryption, key management, and relevant standards (PKCS#11, PKCS#12, FIPS 140-3, NIST).
• Deep understanding of Android security architecture (Linux kernel, SELinux, sandboxing) and iOS security architecture (Secure Enclave, sandboxing, entitlements).
• Experience with platform-specific APIs: Android Keystore, StrongBox, SafetyNet/Play Integrity API, iOS Keychain, Data Protection APIs.
• Knowledge of secure coding, obfuscation (ProGuard/R8), secure IPC, and secure networking frameworks.
• Hands-on experience with security testing tools and methodologies.
• Excellent communication skills to guide engineers in implementing secure development practices.

Desirable Certifications:

• Offensive Security (OSED, OSWE)
• GIAC Mobile Device Security Analyst (GMOB)
• Certified Ethical Hacker (CEH)
• CISSP with focus on cryptography and application security

Industry Experience:

• Prior work with secure mobile wallets, authentication apps, or cryptographic libraries is highly preferred.