InMobi Advertising
Lead Application Security Engineer
Full details on LinkedIn
The complete job description, requirements, and application details are available on the original posting.
About InMobi Advertising
InMobi is a global technology company based in Bengaluru, India, founded in 2007. Originally launched as an SMS-based search engine, it pivoted to mobile advertising in 2008 and rebranded as InMobi, becoming the first Indian unicorn in the adtech space by 2011. The company operates across the Americas, Asia-Pacific, Middle East, and North Africa, and is recognized for its innovative mobile-first advertising solutions. InMobi offers a comprehensive mobile advertising platform that helps brands and app developers engage audiences through personalized ad experiences. Its products include UnifID, an identity resolution solution for mobile app publishers, and Meson, a mediation platform for optimizing ad revenue. InMobi also operates consumer platforms like Glance and Roposo, which blend entertainment and shopping. The company provides advanced performance marketing analytics through tools acquired from Appsumer, enabling clients to measure and optimize their marketing efforts. InMobi is committed to transforming consumer engagement with mobile devices and powering the app economy.
Security at InMobi Advertising
Compiled from public job postings, careers pages, and company materials. Data may not reflect current state — verify during interviews.
Security Philosophy
- InMobi's AppSec philosophy emphasizes a 'Cloud Native - DevOps Only' posture, focusing on 'Product & Platform security', 'Cloud Native Risk Management', and 'Detection & Response'.
- Responsibilities include 'Conduct vulnerability assessments, penetration testing, and source code review.' and automating technical tasks in CI/CD.
- The approach involves performing SAST & DAST to improve SDLC and integrating security testing tools like Burp Suite Enterprise, MobSF, SQLMap, and Checkmarx for security gating.
Security Team
- InMobi's leadership includes Mohit Saxena, CTO, who has authored security blog posts.
- However, no public page explicitly names an AppSec head or reporting line.
- The company actively hires for AppSec roles, with job postings indicating a preference for candidates with 'Bug bounties, responsible disclosure awards & Hall of Fame' and experience 'building and managing security gating in Checkmarx'.
Key Initiatives
- InMobi's AppSec initiatives include a focus on developer enablement and 'shift-left' practices, with explicit instructions to 'Standardize & maximise automation in CI/CD pipeline.' and 'Perform SAST & DAST and improve SDLC.'.
- Vulnerability management involves 'Conduct vulnerability assessments' and 'Integrating and optimizing security testing tools such as Burp Suite Enterprise, MobSF, SQLMap', though public information on triage SLAs, MTTR, or ticket ownership is unavailable.
- Historically (as of 2013), the company had a 'Dedicated fraud detention team', manually reviewed ads, and emphasized privacy with a 'Head of Privacy!'.
Preparing for an AppSec interview?
Get the weekly briefing 2,000+ security pros trust.