Mobile Security Engineer (Android-first), Sign3
Join Our Community
Required Skills
Job Description
- *Job Information**
- ------------------
Department Name
Cedar Hill Capital Portfolio Company
Industry
Technology
Work Experience
3\-6 years
City
Gurgaon
State/Province
Haryana
Zip/Postal Code
122016
- *Job Description**
- ------------------
- *About the company**
Sign3 is an AI\-first customer intelligence platform powering fraud prevention, risk scoring, and smarter onboarding decisions for leading FinTechs, banks, and digital businesses. Our flagship SDK and APIs analyze device, behavioral, and digital footprint signals to help clients detect synthetic identities, money mule accounts, and other fraud vectors — in real time. We work with top\-tier players across credit cards, lending, gaming, and neo\-banking, helping them unlock trusted growth at scale. Our systems process millions of risk events per day, with millisecond\-level performance and precision. At Sign3, you'll get to build in a fast\-paced, impact\-focused environment alongside a lean, high\-ownership team.
- *Role Overview**
You will be working on the security of the Sign3 mobile SDKs — Android primarily, with iOS exposure over time. Your focus is to build the anti\-tampering, anti\-hooking, anti\-debugging, and integrity primitives that ship inside our SDKs to millions of end\-user devices, and to help us stay ahead of the attackers who actively try to bypass them in production.
- *What You'll Do**
- Implement and ship detection modules in Kotlin and native C/C\+\+ — anti\-Frida, anti\-Xposed/LSPosed, anti\-Magisk/Zygisk, anti\-debugging, anti\-emulator, repackaging and integrity checks, and hardware\-backed attestation flows.
- Help build and maintain our adversary\-simulation test suite — Frida scripts, custom Xposed modules, repackaged APKs — and keep it running against every SDK release in CI.
- Reproduce customer\-reported bypasses on rooted devices; triage with senior engineers, fix, and add a regression test.
- Contribute to threat modeling and security architecture reviews for new SDK features and signals. Partner with the risk/ML team so detections produce signals that hold up server\-side.
- Do post\-deployment signal analysis using internal tooling (Athena, dashboards); collaborate with backend engineers on improving detection logic and tuning loops.
- Help instrument and monitor signal\-quality metrics — true\-positive coverage, false\-positive rate, device\-population telemetry — and learn the rollback tooling for misbehaving detections. Research emerging mobile threats — KernelSU, Zygisk modules, root and jailbreak hiders, Frida\-derivatives — and bring findings back to the team.
- *What We're Looking For**
- *Must\-have**
- 3\+ years of mobile engineering or security experience, with at least 1 year on a security\-focused codebase (security product, anti\-fraud SDK, RASP, payment SDK, or similar hardened mobile work).
- Hands\-on experience reverse\-engineering Android apps and native libraries; able to read ARM64 disassembly with reference material.
- Working experience in native C/C\+\+ for Android NDK — JNI, the dynamic linker basics, and the libc / syscall boundary.
- Solid working knowledge of Android internals: ART runtime, /proc, ptrace, SELinux, Android KeyStore, hardware\-backed Key Attestation, Play Integrity API.
- Familiarity with mobile hooking and tampering ecosystems and how they're detected: Frida (server, gadget, basic agent\-side scripting), Xposed/LSPosed, Magisk, Zygisk.
- Familiarity with obfuscation and code\-hardening basics: R8/ProGuard, string encryption, common anti\-tamper patterns.
- Comfortable rooting Android devices and working with custom ROMs / AOSP for testing.
- Proficiency in Kotlin/Java, C/C\+\+, and Python (for tooling and automation).
- Eagerness to learn the iOS side: jailbreak ecosystem, code signing, Keychain, DeviceCheck / App Attest, Objective\-C/Swift runtime basics. No prior iOS shipping required, but a clear interest in becoming platform\-versatile over time is important.
- Data\-savvy mindset; comfortable working with product, analytics, and backend teams to close the loop between SDK signals and fraud outcomes.
- *Nice to have**
- Bug\-bounty record on mobile targets, CTF participation, or published mobile\-security writing.
- Contributions to open\-source reverse\-engineering, instrumentation, or RASP tooling.
- Experience with GitHub Actions or other CI\-driven mobile security testing pipelines.
- Some prior iOS reverse\-engineering or instrumentation (Hopper, Frida on iOS, class\-dump, frida\-ios\-dump).
- Exposure to fraud detection, device fingerprinting, or behavioral analytics products.
- Interest in extending detection logic into the backend — many of our strongest signals are SDK \+ server collaboration.
- Bug\-bounty record on mobile targets, CTF participation, or published mobile\-security writing.
- Contributions to open\-source reverse\-engineering, instrumentation, or RASP tooling.
- Experience with GitHub Actions or other CI\-driven mobile security testing pipelines.
- Some prior iOS reverse\-engineering or instrumentation (Hopper, Frida on iOS, class\-dump, frida\-ios\-dump).
- Exposure to fraud detection, device fingerprinting, or behavioral analytics products.
- Interest in extending detection logic into the backend — many of our strongest signals are SDK \+ server collaboration.
- *Tools you'll work with**
- Static / RE: Ghidra, IDA Pro, Binary Ninja, jadx, apktool, smali/baksmali
- Dynamic: Frida, objection, LLDB, gdb\-multiarch
- Network: mitmproxy, Burp Suite
- Tampering / repackaging: apksigner, zipalign, Magisk, LSPosed, Zygisk
- Automation / triage: MobSF, our internal CI\-integrated bypass test suite
- Device / platform: AOSP build environment, rooted reference devices across vendor stacks.
Similar Jobs
- B
Android Developer
BJAK · India
- K
Full-stack android developer (Part-time, Equity only)
Kefilo · India
- P
Android Developer
ProApps Solutions · Vadodara, Gujarat, India
Job Overview
- Job type
- Full-time
- Work mode
- On-site
- Location
- Gurugram
- Posted
- 1d ago
- Source
- Indeed