About The Role FDM is a global business and technology consultancy seeking a Senior Mobile Security Specialist to work for our client within the finance and consultancy sector. This is initially a 6 month contract with the potential to extend and will be a hybrid role that will be based in Bristol.
Our client is seeking a Senior Mobile Security Specialist (e.g. Test SME / Lead / Programme Manager level) to support a team of 2 Junior Mobile Security Specialists in strengthening, delivering, and evolving the security of the client's mobile platform.
Lead and evolve the mobile security framework across the organisation's mobile platforms.
Conduct and oversee mobile application penetration testing, vulnerability assessments and remediation activities.
Perform threat modelling, security analysis and risk assessments for mobile applications and supporting services.
Define and promote secure development standards, application hardening techniques and mobile security best practices.
Implement and enhance security tooling, testing capabilities and automation to improve coverage and efficiency.
Provide security consultancy and assurance to mobile engineering teams throughout the development lifecycle.
Mentor and support junior Mobile Security Specialists, providing technical guidance and quality oversight
Monitor emerging mobile security threats and drive continuous improvements to controls, processes and security capabilities.
About You
Extensive experience in mobile application security, with approximately 10+ years in cyber security, application security or a related field.
Deep expertise in mobile penetration testing, threat modelling, vulnerability management and security assurance.
Strong knowledge of OWASP MASVS, MASTG and industry-recognised mobile security standards and testing methodologies.
Proven experience securing iOS and Android applications, including authentication, authorisation, cryptography, API security and secure coding practices.
Hands-on experience implementing application hardening controls, including obfuscation, anti-tampering and runtime protection.
Experience using mobile security testing tools such as Burp Suite, MobSF, Frida, Objection, JADX and APKTool, alongside SAST, DAST and SCA platforms.
Proven ability to design and implement security tooling, automation and DevSecOps controls within CI/CD environments.
Strong leadership, stakeholder management and consultancy skills, with experience mentoring security specialists and influencing engineering teams to improve security outcomes.
Desirable
Relevant industry certifications such as CISSP, CCSP, OSCP, OSWE, GIAC or Burp Suite Certified Practitioner.
Experience delivering mobile security programmes within financial services or other highly regulated environments.
Neutral 2–4 sentence summary of what working at this company is like, drawn from public reviews and press coverage. Tone, collaboration style, pace, benefits highlights.