Design and write secure, modular, high-performance orchestration libraries for iOS that perform the following functions:
Verify device integrity
Handle device authentication and attestation with the Certificate Authority backend
Secure and initiate the capture process for camera and other sensors
Perform cryptographic operations including generating cryptographic keys, generating certificate signing requests, hashing to generate multihash- and multibase- formatted digests, and generating digital signatures
Manage long-term and short-term secrets storage, including authentication credentials and digital signature keys
Provide the primary abstracted interface to upper-layer containing apps
Function consistently on a broad spectrum of device models, underlying hardware capabilities, and operating system versions
Work closely with iOS sensor R&D engineers to integrate their sensor data acquisition and file writing modules with the above mentioned orchestration libraries, into a coherent, high performance secure camera SDK with minimal storage and memory footprint.
Work closely with the Certificate Authority team, the hardware security team, and the product engineering team on designing a secure, scalable protocol for mobile device authentication and attestation.
Be accountable to the product engineering team for secure camera SDK stability, footprint, and performance
REQUIREMENTS:
Have experience developing iOS apps or libraries for high security applications
Have expertise with C, C++, and Objective-C or Swift
Have experience implementing proactive defenses against device compromise, rooting, jailbreaking, peripheral spoofing, buffer manipulation, authentication abuse, authentication bypass, state manipulation, code injection, and MITM attacks.
Have experience with code obfuscation and passing penetration testing
Have experience designing and implementing secure communication protocols to interface with backend servers