Role descriptionJob Summary - Android SDET Security Compliance QS RMWe are seeking a
Android SDET Security Compliance QS RM Resource having 8+ years ofprofessional specializing in Security Compliance, Quality Systems (QS), and Risk Management (RM) ensures that Android applications or system-level software meet strict security standards, regulatory requirements, and high-quality benchmarks. They create automated security test frameworks, validate compliance, and assess risk.
This role requires close collaboration with cross-functional teams, adherence to Engineering standards, Architecture patterns and Agile practices, and ownership of service quality and delivery.
Key Responsibilities- Security Automation: Architect, develop, and maintain automated security test frameworks, focusing on mobile-specific security requirements (e.g., encryption, permissions, data leakage). Develop automated test suites to validate security protocols such as encryption-at-rest, secure data transit, and access controls. Implement "Compliance Jobs" to detect rooted/jailbroken devices or outdated security patch levels across a fleet.
- Quality Standards: Design and maintain advanced automation frameworks for Android internals, including the System Framework and Kernel layers. Define the "high security bar" for products by analyzing regulatory and certification requirements.
- Compliance & Risk Management: Evaluate applications against security compliance standards (e.g., GDPR, HIPAA, SOC 2, FIPS 140-2) and internal quality system requirements. Take ownership of product quality during monthly release cycles, coordinating with Program Managers and QA leads.
- Vulnerability Assessment: Perform penetration testing, security assessments, and risk analysis to identify potential flaws in Android applications and systems.
- Android Internals Testing: Conduct in-depth debugging, using Android tools such as ADB, logcat, and tombstones to root-cause issues.
- CI/CD Integration: Integrate security scanners and automated test suites into CI/CD pipelines to ensure compliance throughout the development lifecycle.
- Risk Mitigation: Define security test strategies that focus on high-risk areas, implementing controls and ensuring compliance with regulatory requirements
Mandatory Technical Skills & Competencies- Android Expertise: Strong knowledge of Android SDK, system architecture, and mobile security.
- Expert in debugging using Android tools like ADB, logcat, and tombstones.
- Programming Skills: Proficiency in programming languages such as Kotlin, Java, Python, or C++.
- Automation Experience: 8+ years of experience with automation frameworks like Appium, Espresso, or UI Automator.
- Security Knowledge: Familiarity with security protocols, encryption methodologies, and threat modeling.
- Regulatory Familiarity: Understanding of data protection laws and industry regulations (e.g., GDPR, DORA, NIS2)
- Knowledge of monitoring tools such as Prometheus, Grafana, or ELK stack.
- Understanding of distributed tracing and logging.
- Cloud concepts like fundamentals, App Configuration / App Settings, Key Vault, Cache, Service Bus (queues/topics), Event driven architecture, Blob Storage, cloud security, scalability, and resiliency patterns
- Understanding of Microservice Development design, implementation, Middleware (Kafka), filters, exception handling, logging, Authentication and authorization (JWT/OAuth concepts), Performance optimization and secure coding practices
- Agile and Collaboration Tools: Sprint planning, work item tracking, and agile delivery, Technical documentation and knowledge sharing
Soft Skills- Strong problem-solving and analytical skills
- Clear communication with technical and non-technical stakeholders
- Ownership mindset and production-grade engineering discipline
- Ability to work independently and within cross-functional teams
