Mobile Application Security Engineer

JP Morgan

Location: Greater London

Job Type: Full time


JPMorgan Chase & Co. has expanded its consumer business and we have launched a new digital retail bank in the UK. We are offering consumers a completely new banking experience. Under the Chase brand, the bank provides products and features tailored to meet the needs of customers in the UK, made available via an innovative mobile app.

Our team is at the heart of building this new venture, focused on developing offerings that put the customer at the center. We have created a new organization and we are looking for solution-oriented, commercially minded, customer-focused engineers, used to working in a true agile environment who want to be a part of something new, built from the ground up as a green-field with zero legacy initiative within a global, diverse and inclusive team.

Culture is as important to us and we are looking for intellectually curious, new technology passionate individuals who would like to expand their skills whilst working on a new exciting venture for the firm. Your work will have a direct impact to our customers as our business expands around the world.

Mobile Application Security Engineer - Chase UK

Mobile Application Security Engineers in International Consumer have the opportunity to explore the security challenges in a modern mobile banking application ecosystem. You will engage directly with application development teams, the wider security teams in JPMC to collaborate and solve problems. You will analyse the current app architecture and provide guidance on how to simplify and secure it, communicating directly with the development teams to educate them and assist them in mitigating these risks. You will develop and use frameworks and tools to perform automated testing and define best practices across the business to help engineers secure mobile applications at scale.

You must be an experienced Mobile Application Security Engineer who is passionate about iOS and Android application security testing and engineering.


  • Perform regular reviews of our mobile application security posture using your hands-on experience to apply threat models and mitigating techniques.
  • Contribute and develop our mobile application security framework.
  • Maintain an effective engagement model with mobile application development teams.
  • Conduct basic security code reviews of Java/Kotlin, Objective-C/Swift, and JavaScript/React Native code.
  • Conduct reviews of SDKs leveraged by the business to understand both technical and data protection risks.
  • Perform research and provide thought leadership in the domain of mobile application security to peers and senior management.

Qualifications Requires:

  • Bachelor's degree or the equivalent combination of education and strong relevant experience
  • Experience working in a role mobile security related role and relevant modern engineering practices.


  • Knowledgeable in cryptography and able to make calculated recommendations on appropriate use of ciphers, key lengths and hashing algorithms.
  • Proficiency in working with a range of security tools such as Burp Suite Pro, Ghidra, Hopper Disassembler, IDA Pro, Jadx, Objection, Radare, Frida, Android Studio, and Xcode.
  • xperience in iOS and Android pentesting.
  • Familiarity with DevSecOps tooling and automation frameworks.
  • Experience in writing scripts using Python or Bash.

#ICBCareer #ChaseUK #ICBEngineering

You’ve got this!