Looking for security architect to advise and design a highly secured android and IOS application .
Candidate should have CISSP or equivalent qualification.
The solution should be able to persuade all other stack holder
Main challenge is the application is
1) Need to ensure the mobile application is working in a black box without any compromise and the only way to gain access to the application is via password login.
2) Storing multiple websites password and these passwords must not be access in any way except the mobile app itself that can retrieve the password as clear password . The password is not accessible to the user who login or the programmer or owner who design the mobile apps or any hacker who has access to the mobile and try to access the password in any way. The passwords are key in one time and will be stored securely forever, only known to the mobile application itself.
3) The mobile apps should be accessing predefined secured website via web automation securely without any intervention, interruption of the automation process or ear dropping of the access information. The application should download, extract and store the information from the website securely.
4) The information stored should be secured from any hacker who has access to the mobile. And only the user has access to the information stored via logging into the mobile application UI.
5) The information stored will be sent to central server securely without any intervention, interruption and ear dropping . The central server is hosted in cloud and must be secured except to the owner of the server.