Application Engineer

Technology - Security

Bangalore

About Us

Marrow is a learning platform for doctors, medical students, and other healthcare practitioners with topic-wise learning modules, tests, and performance analytics, and high-quality recorded medical video classes. Marrow is currently used by over 5 lakh medical students in India to prepare for the country’s largest medical competitive exam - NEET PG.

USP of Marrow

1) It's a top revenue-generating product for the business.

2) Loved by more than 70% of aspiring doctors in India.

3) NEET-PG 2020, 2021, 2022,2023 - Top 10 Rankers were the Marrow users.

After successfully establishing itself as a preferred choice for NEET PG students, MARROW is now also focussing on the enhancement of healthcare in the country by providing unique up-skilling courses to practicing doctors. These courses are provided by the best in class institutions and expert medical practitioners/faculty.

DailyRounds is the largest academic network of Medical Doctors Built by a team of doctors and coders, DailyRounds now has 300,000+ Doctors.

We are a part of the Japanese healthcare major, M3 (listed on the Tokyo Stock Exchange). DailyRounds/Marrow envisions itself as a health-tech startup focused on organising "Knowledge of practice of Medicine" and building a community of Doctors (and healthcare professionals). We have since grown into India’s largest and most regarded learning app for NEET PG preparation.

Job Description

We seek a highly skilled and experienced Mobile Application Security Engineer to join our dynamic security team. The ideal candidate will possess a deep understanding of mobile security for both Android and iOS platforms, with hands-on experience in identifying and mitigating security vulnerabilities. This role involves ensuring the security of mobile applications through rigorous testing, threat modeling, and implementation of security best practices.

What you will be doing here

Security Assessment and Testing:

Conduct thorough security assessments of mobile applications, including static and dynamic analysis.
Perform vulnerability assessments and penetration testing (VAPT) on Android and iOS applications.
Utilize tools such as Frida, Burp Suite, and other mobile security testing frameworks to identify security weaknesses.

Vulnerability Management:

Identify, report, and track mobile application security vulnerabilities (Common Vulnerabilities and Exposure)
Work closely with development teams to ensure vulnerabilities are addressed and resolved.
Develop and maintain a vulnerability management program for mobile applications.

Security Architecture and Design:

Collaborate with development and product teams to design secure mobile applications.
Implement security best practices and guidelines for mobile app development.
Conduct threat modeling and risk assessments to identify potential security threats.

Security Tools and Automation:

Develop and maintain custom scripts and tools to automate security testing.
Stay updated with the latest security tools, technologies, and trends in mobile security.

Documentation and Reporting:

Create detailed security assessment reports and documentation.
Provide recommendations for security improvements and risk mitigation.
Document security policies, procedures, and guidelines for mobile application security.

Job Requirement

What are we looking for

2-5 years of experience in mobile application security for Android and iOS platforms.
Proven expertise in vulnerability assessment, penetration testing (VAPT), and security analysis of mobile applications.
Strong understanding of Android and iOS security architectures.
Proficiency in security tools such as Frida, Burp Suite, OWASP Mobile Security Testing Guide (MSTG), etc.
Experience with common mobile security vulnerabilities (e.g., OWASP Mobile Top 10) and mitigation strategies.
Knowledge of CVE databases and experience in reporting and managing vulnerabilities.
Familiarity with secure coding practices and security standards.