Job Title: Cryptography Engineer
Location: London, UK
Type: Fixed Term Contract
Duration: 12 Months (Extension likely)
Our client are a global semiconductor company.
The client require candidates to work on:site three days per week in West London.
Responsibilities:
Producing security assessments and generating evidence reports for mobile applications as per acceptance requirements set by the government agencies.
The security assessment task includes testing applications in line with well:known industry standards including: OWASP MASVS testing, threat modelling, tool relating to data flow analysis within the device and to the network; static and dynamic testing using tools such as MobSF, Frida, Jadx, cve:gin:tool and others for application risk assessment.
These tasks may also require development of necessary tools for testing and hence development experience with programming languages such as Python is essential.
Depending upon needs, support Android and Smartcard applications and mobile platform framework development tasks, in particular being responsible for functional specifications, requirements, design documentation along with supporting implementation and deployment, as necessary.
Development of tools to enable solution installation, provisioning and approval.
Creation of necessary documentation as per requirements to support approval of the solution including solution design and deployment guide documents.
Travel as required, including to attend meetings with customers and partners.
Key Requirements:
:A degree in Computing and Communications or any related discipline (an equivalent period of industrial experience may be substituted).
:Experience with application testing using various methods and tools including OWASP MASVS, MobfSF, Frida and tools to conduct static and dynamic testing.
:Knowledge of various device security attack vectors including apps, browsers, connectivity, device management, networking, local storage. etc.
:Knowledge of C, C++ and Java programming languages (at least 3 years' experience). This experience is necessary to understand existing code and write test code to verify security requirements.
:Experience in development of Java Cryptography Extension (JCE) provider for Android KeyStore.
:Familiarity with PKI, certificate enrolment, Public Key Cryptography Standards (PKCS )
If this sounds of interest, please reach out to for more information