[Remote] Sr Security engineer with Product Security & Mobile application(W2)

Note: The job is a remote job and is open to candidates in USA. Codebase Inc is seeking a Senior Technical Security Engineer to enhance their security protocols for desktop and mobile applications. The role involves securing application architecture, managing incident responses, and embedding security into the software development lifecycle. Responsibilities • 5+ years of experience in application or product security, with a track record of securing desktop and mobile applications. • Strong understanding of secure architecture for thick clients, including local storage protection, inter-process communication, JavaScript engines, OS-level security features, and web security standards (CSP, same-origin policy, TLS/HTTPS). • Experience with mobile (iOS/Android) and desktop (Windows/macOS/Linux) application security models. • Proficiency in GenAI security, modern cryptography, certificate management, secure authentication (OAuth, WebAuthn, FIDO2), and secure session handling. • Knowledge of OS-level hardening techniques, sandboxing, privilege separation, and secure use of platform APIs. • Hands-on experience with secure coding practices in at least one systems language (C++, Rust, Go) and one application language (Kotlin, Swift, C#). • Familiarity with static/dynamic analysis tools, fuzzing, penetration testing, and reverse engineering for client applications. • Experience embedding security into the software development lifecycle (threat modeling, code reviews, secure design patterns). • Ability to manage incident response and vulnerability remediation for thick client environments. • Strong cross-team communication skills and ability to write clear developer-facing security guidelines. Skills • 5+ years of experience in application or product security, with a track record of securing desktop and mobile applications. • Strong understanding of secure architecture for thick clients, including local storage protection, inter-process communication, JavaScript engines, OS-level security features, and web security standards (CSP, same-origin policy, TLS/HTTPS). • Experience with mobile (iOS/Android) and desktop (Windows/macOS/Linux) application security models. • Proficiency in GenAI security, modern cryptography, certificate management, secure authentication (OAuth, WebAuthn, FIDO2), and secure session handling. • Knowledge of OS-level hardening techniques, sandboxing, privilege separation, and secure use of platform APIs. • Hands-on experience with secure coding practices in at least one systems language (C++, Rust, Go) and one application language (Kotlin, Swift, C#). • Familiarity with static/dynamic analysis tools, fuzzing, penetration testing, and reverse engineering for client applications. • Experience embedding security into the software development lifecycle (threat modeling, code reviews, secure design patterns). • Ability to manage incident response and vulnerability remediation for thick client environments. • Strong cross-team communication skills and ability to write clear developer-facing security guidelines. • Contributions to open-source client frameworks, SDKs, or application security tools. • Prior work with secure local storage, anti-tampering, DRM, or obfuscation in client software. • Familiarity with offline-first application security challenges (sync, caching, data persistence). • Experience with privacy-preserving client design, including minimizing telemetry and preventing data leakage. • Deep understanding of reverse engineering techniques and defenses (e.g., code obfuscation, anti-debugging, integrity checks). • Experience leading security architecture for a thick client application launch at scale. • Advanced degree (MS/PhD) in Computer Science, Cybersecurity, or related field. Company Overview • Codebase Inc. is a strategic IT solutions service provider based in New Jersey, USA. It was founded in 2021, and is headquartered in, with a workforce of 201-500 employees. Its website is Apply tot his job Apply tot his job