Rodeo
ResourcesPartnersSign in

iProov

Penetration Tester (Red Team)

United Kingdom
£100k/yr
Posted about 22 hours ago
Sign up to applySee more jobs like this

How your CV stacks up

1Upload CV
2Analyse CV
3Improve CV

Upload your CV to see how well it fits this job role

?%

Red Team Engineer

About iProov

iProov provides science-based biometric solutions that enable the world’s most security-conscious organisations to streamline secure remote onboarding and authentication for digital and physical access. Our award-winning liveness technology and iSOC offer unmatched resilience against deepfakes and generative AI threats while ensuring effortless, scalable user experiences. Trusted by leading governments and enterprises, including the U.S. Department of Homeland Security, U.K. Home Office, GovTech Singapore, ING, and UBS, iProov sets the standard in biometric identity assurance.

This global trust is built not only on our technology but on the strength of the people behind it. For us, diversity at iProov is about reflecting the customers we serve, holding the principles of equality and inclusion at the heart of everything we do and all that we stand for, embracing differences, creating possibilities, and growing together. We aim to foster a culture where individuals of all backgrounds feel confident in bringing their whole selves to work, feel included, and their talents are nurtured, empowering them to contribute fully to our purpose.

The Role

Reports to: Head of Red Team
Location: UK - (Typically hybrid, however for this role, flexible for a more remote option)
Comp: Up to £100k (Base) + Company Performance Bonus (10%) + Share Options + UK iProov Benefits

As we continue to scale, we are looking for an experienced Red Team Engineer specialising in mobile application security (iOS and/or Android) to join our growing Red Team function. This role will focus on assessing and challenging the security of iProov’s mobile SDKs, applications, and biometric identity flows, ensuring we remain resilient against increasingly sophisticated threats, including deepfakes, device compromise, and adversarial manipulation.

You will play a critical role in proactively identifying weaknesses, simulating real-world attacks, and strengthening our ability to detect and respond to threats across mobile environments.

How you can make an impact

  • Design and execute Red Team operations targeting mobile applications, SDKs, and biometric identity flows across iOS and Android
  • Perform advanced mobile application penetration testing, including reverse engineering, runtime manipulation, and bypass techniques
  • Simulate realistic attack scenarios such as:
    • Device compromise (rooted/jailbroken environments)
    • Emulator and instrumentation attacks
    • Biometric spoofing and presentation attacks
    • Mobile API abuse and session manipulation
  • Identify vulnerabilities in mobile architectures, authentication flows, and client-side controls
  • Conduct research into emerging mobile threat actor tactics, techniques, and procedures (TTPs), particularly in biometric and identity systems
  • Develop proof-of-concept exploits and tooling to replicate real-world attack scenarios
  • Produce clear, actionable reports with risk-ranked remediation guidance for engineering and product teams
  • Collaborate closely with mobile engineers, product, and security teams to translate findings into practical fixes
  • Provide code-level and architectural guidance to improve mobile application security
  • Validate remediations and ensure vulnerabilities are effectively addressed
  • Contribute to improving detection capabilities within iProov’s security ecosystem (including iSOC)
  • Mentor engineers on secure mobile development practices and threat modelling
  • Ensure all activities align with rules of engagement, legal, and regulatory requirements

Reasons to use Rodeo

I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?

Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.

Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.

Start with a chat, not a search bar

Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.

P

Graduate Consultant — 2026 Scheme

PwC·London, UK
£35,000/yr

Why you're a good match

Strong

Your economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.

See breakdown
Save jobNot relevant
View details

It searches the market for you

Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.

Why you're a good match

You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.

See breakdown
Strong

Experience fit

Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.

See breakdown
Strong

Only hits

No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.

What we would like to see from you

  • 5+ years’ experience in Red Teaming, penetration testing, or mobile security research
  • Strong hands-on expertise in mobile application security (iOS and/or Android)
  • Experience with:
    • Reverse engineering tools (e.g. Frida, Objection, Ghidra, Hopper, IDA Pro)
    • Mobile testing frameworks and interception tools (e.g. Burp Suite, mitmproxy)
    • Analysing mobile binaries (APK/IPA), obfuscation, and runtime protections
  • Deep understanding of:
    • Mobile OS internals (Android/iOS security models)
    • Secure storage, keychains/keystores, and cryptographic implementations
    • Authentication protocols and identity flows (OAuth, biometrics, session handling)
  • Experience identifying and exploiting:
    • Client-side trust issues
    • Certificate pinning bypasses
    • Anti-tampering and anti-debugging controls
  • Ability to build or customise tooling and scripts for mobile security testing
  • Experience communicating complex technical findings to both technical and non-technical audiences
  • A passion for offensive security and creatively breaking systems to make them stronger
  • Comfortable operating in a high-growth, fast-paced environment

Benefits

  • 25 days Annual Leave, plus 8 Bank Holidays (more holiday with service - up to an extra 5 days off per year based on your continuous service)
  • Growth Shares allocated after passing probation (6 months of service)
  • Salary sacrifice schemes including: Pension, Cycle To Work and Electric Car Scheme
  • Nursery Sacrifice Scheme
  • Work Overseas Perk - Work globally for up to 2 weeks
  • Life Assurance
  • SmartHealth - Access to private GP, Psychologist, Nutritionist along with tailored fitness plans for both you and your family
  • Benefit from personalized 1:1 career coaching with our in-house Occupational Psychologist
  • Award winning L&D platform with personal allocated training budgets
  • Enhanced paid family leave
  • Pension - 5% employee, 3% employer
  • Flexible hybrid working environment
  • Free Barista Coffee/Tea, biscuits with fruit in the WeWork office
  • Free access to WeWork discounts and free online well-being sessions
  • Vitality Health - a range of options available on this below

Get help with your application

Your very own career expert that helps elevate your application to the next level.

Get help applying for this job

The Vitality Programme includes a number of reward benefits that all employees have access to as part of the plan, for example:

  • Private Health cover including Dental, Optical, and Audiology
  • 50% off monthly gym memberships
  • Apple watches significantly discounted based member vitality status
  • Half price trainers with Runners Need
  • Weekly rewards – Free coffee with Café Nero
  • Monthly rewards – Free Cinema ticket
  • Discounts on travel with Expedia (hotels) and Mr & Mrs Smith with discounts getting greater throughout the year based on a members vitality status
  • Amazon prime free months based on activity
  • Up to 25% cashback at Waitrose when buying healthy foods
  • 75% off stays at Champneys Health Spas
  • Allen Carr’s £299 no smoking programme for free
  • Access to Vitality Healthy Mind with 30% off Headspace subscriptions and the ability to earn Vitality points for using Buddhify, Calm and Headspace
  • Discounts on Weight Watchers
  • 50%-80% off Comprehensive Private Health screenings

Our Culture & Recruitment Process

At iProov, we're incredibly proud of the culture we've carefully curated. Our culture enables diverse thought, curiosity and innovation. Our team strives to do everything to the highest standard possible to achieve the remarkable. To do that we need different perspectives, experiences and ideas alongside an environment where these are welcomed - we want everyone to feel confident in bringing their full capabilities to work. We firmly believe psychological safety is key to building and nurturing great teams. We’re a small and dynamic company, that means having the right skills is important, and we know that our best work emerges when people feel secure, welcomed and respected.

As an equal opportunities employer, we encourage applications from people of all backgrounds. We’re committed to building a workforce that is representative of the people we serve. We will not put someone at a disadvantage or treat them less favourably because of race, color, national origin, ancestry, age, disability, creed, religion or belief, sex, sexual orientation, gender reassignment, marriage or civil partnership, or pregnancy and maternity. Our goal is to find people who are passionate about creating a safer, more secure world.

Our recruitment process is designed to be fair and transparent, focusing solely on your qualifications, competence, and suitability for the role. We review all applications carefully and will be in touch with shortlisted candidates regarding the next steps in our interview process. If you need an adjustment for a disability or any other reason during the hiring process, please send a request to careers@iproov.com

Trusted by 25,000+ job seekers

“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”

Jessica, London

Get help applying for this job

Skills

Red Teaming
Penetration Testing
Mobile Security
Reverse Engineering
Runtime Manipulation
Biometric Spoofing
API Abuse
Session Manipulation
Mobile OS Internals
Authentication Protocols
Client-side Trust Issues
Certificate Pinning
Anti-tampering Controls
Tooling Development
Technical Communication
Offensive Security

Location

United Kingdom

Sign up to applySee more jobs like this