Mobile Engineer

🇧🇷 🇦🇷 🇨🇴 🇲🇽 EXCLUSIVE FOR CANDIDATES BASED IN BRAZIL, ARGENTINA, COLOMBIA, OR MEXICO 🇲🇽 🇨🇴 🇦🇷 🇧🇷

Requirements

Must-haves

• 5+ years of mobile development experience
• Proficiency with React Native
• Proficiency with Node.js
• Proficiency with JavaScript and TypeScript
• Experience with reusable component and library development
• Experience with version control (e.g., Git, Bitbucket)
• Knowledge of continuous integration and deployment (CI/CD), including mobile deployment pipelines
• Deep understanding of asynchronous programming, API consumption, security best practices, and state management
• Strong problem-solving and analytical skills with a passion for complex engineering challenges
• Strong communication skills in both spoken and written English

Nice-to-haves

• Startup experience
• Experience developing reusable components and libraries
• Bachelor's Degree in Computer Engineering, Computer Science, or equivalent

What you will work on

• This is a full-time role (40 hours/week) for a 2-month contract
• Estimated Hours: 125-176 hours (depending on complexity and existing codebase readiness)

1. Authenticate with SAML 2.0 using your IDP (8-12 hours)

- Configure SAML in Auth0 (e.g., set up a new connection, upload IDP metadata)

- Update login flow to replace existing authentication methods with SAML

- Ensure correct configuration of redirect URIs, assertion consumers, and logout endpoints

- Test using a staging IDP setup and debug assertion/audience mismatches

- Key Work: Auth0 setup, React Native login updates, testing

2. Specify which web browser to trigger for SSO authentication (6-8 hours)

- Implement react-native-inappbrowser-reborn to control browser selection

- Add configuration parameter for browser preference (e.g., Chrome, Safari)

- Test integration across iOS and Android browsers

- Handle cases where the specified browser is unavailable

- Key Work: Browser selection settings, invocation handling, testing

3. IP restrict app access (6-10 hours)

- Implement middleware to validate user IP against an allowlist/blocklist

- Configure IP restrictions in Auth0 or a proxy layer (e.g., AWS API Gateway)

- Add UI error handling to display appropriate access restriction messages

- Key Work: Middleware setup, Auth0 configuration, UI updates, testing

4. Operate properly in an Android Enterprise Work Profile (8-12 hours)

- Use Android Enterprise test environment (e.g., Android Device Policy)

- Verify dependencies (storage, notifications, permissions) within the work profile

- Address storage isolation and cross-profile restrictions

- Key Work: Test environment setup, compatibility fixes, permissions adjustments

5. Push out app config via MDM (12-18 hours)

- Define app configuration parameters (e.g., JSON payload) for MDM distribution

- Integrate with MDM provider SDKs (e.g., Intune SDK)

- Parse and apply MDM configurations on app startup

- Key Work: MDM setup, SDK integration, configuration parsing, testing

6. Prevent unrecorded data exfiltration (10-15 hours)

- Enforce proxy/VPN whitelist for server communication

- Ensure HTTPS and strong TLS encryption for all transmissions

- Log outgoing requests for auditing

- Implement domain validation and SSL verification

- Key Work: Proxy/VPN setup, auditing, security enhancements, testing

7. Prevent copy/paste (6-10 hours)

- Block clipboard access using platform APIs

- Implement UIPasteboard override (iOS) and ClipboardManager restrictions (Android)

- Use secureTextEntry flag for sensitive fields in React Native

- Key Work: Clipboard API overrides, secure input handling, testing

8. Prevent screenshots (4-8 hours)

- Implement FLAG_SECURE for all Android activities

- Use UIScreenCapturedDidChangeNotification to detect iOS screenshots

- Display warnings or block actions when a screenshot is detected

- Key Work: Platform-specific security measures, UI enhancements, testing

9. Prevent moving data between apps or to storage (8-12 hours)

- Use Android Scoped Storage and iOS App Sandbox for file isolation

- Disable sharing intents (e.g., Share API)

- Block access to external storage paths

- Key Work: File system restrictions, API adjustments

10. Limit email/SMS to a specific app (10-15 hours)

- Implement deep links or custom schemes for launching designated email/SMS apps

- Add configuration options for preferred app selection

- Ensure fallback mechanisms for unavailable apps

- Key Work: Deep linking, app configuration, testing

11. Prevent email/SMS (4-6 hours)

- Remove app features that invoke email/SMS actions

- Block programmatic email/SMS sending using platform APIs

- Key Work: Code adjustments, feature restrictions

12. Prevent printing (6-10 hours)

- Disable export features that generate printable formats (e.g., PDFs)

- Block AirPrint using UIPrintInteractionController (iOS)

- Override print intents on Android

- Key Work: Export feature removal, platform print restrictions

13. Lock/unlock the app with a code or biometric (12-16 hours)

- Use react-native-keychain or similar libraries for biometric authentication

- Securely store user-defined PIN or passcode

- Implement a custom lock screen to verify PIN/biometric authentication

- Key Work: Secure storage, lock screen UI, biometric integration

14. Audit data handling in detail (15-20 hours)

- Implement detailed logging for data access and transactions

- Store logs securely (e.g., server logs, Datadog)

- Provide backend tools for reviewing audit trails

- Key Work: Data logging, backend integration, documentation

15. Documentation (10-12 hours)

- Provide feature overviews and setup instructions (e.g., SAML, MDM)

- Document troubleshooting guides for common issues

- Ensure clarity and accessibility for client use

- Key Work: Clear, detailed, client-focused documentation