Key skills
AndroidiOSPythonRubyGoAICommunicationPenetration Testing
About this role
Role Overview
- Build and improve security capabilities, automation, and guardrails for mobile applications and backend/API services
- Perform application or API/backend penetration testing
- Identify, triage, and help remediate vulnerabilities across Chime products
- Partner closely with engineering and product teams to embed security into the development lifecycle across mobile apps, APIs, and backend services
- Perform architecture and code reviews across the stack (iOS/Android, APIs, backend) with a focus on secure data storage, authentication, authorization, secure communication, and session/token handling
- Leverage AI to accelerate security workflows (e.g., code review support, triage, threat modeling), and partner with teams building AI-enabled features to define and implement production-grade AI security controls
Requirements
- 5+ years of experience in application security, with strong hands-on experience across both mobile and backend systems
- Hands on experience securing iOS and Android applications in production environments
- Strong understanding of mobile threat models and common attack techniques
- Experience with mobile security testing techniques, including static and dynamic analysis
- Familiarity with iOS and Android platform security features and limitations
- Practical coding experience, preferably in Ruby, Go, Python languages
- Ability to clearly communicate security risks, tradeoffs, and remediation guidance to engineering partners.
Tech Stack
- Android
- iOS
- Python
- Ruby
- Go
Benefits
- Competitive salary based on experience
- 401k match plus great medical, dental, vision, life, and disability benefits
- Generous vacation policy and company-wide Chime Days, bonus company-wide paid days off
- 1% of your time off to support local community organizations of your choice
- Annual wellness stipend to use towards eligible wellness related expenses
- Up to 24 weeks of paid parental leave for birthing parents and 12 weeks of paid parental leave for non-birthing parents
- Access to Maven, a family planning tool, with $15k lifetime reimbursement for egg freezing, fertility treatments, adoption, and more.
- In-person and virtual events to connect with your fellow Chimers—think cooking classes, guided meditations, music festivals, mixology classes, paint nights, etc., and delicious snack boxes, too!