iboss iOS Jobs in the USA

About the Company

iboss is the AI-powered SASE (Secure Access Service Edge) platform that ingests deep signals across endpoint, network, and content. Built-in AI surfaces insights and answers that security, networking, data protection, and executive teams need most. iboss modules include AI-Powered CASB (cloud app and data signals to expose risky SaaS activity), Advanced DLP (content flow intelligence to stop sensitive data exfiltration), Secure Web Gateway (full session telemetry to block threats with behavioral context), Zero Trust Access (private app access signals to replace VPN with least-privilege access), Browser Isolation (isolated session protection to keep risky browsing off devices), and Zero Trust SD-WAN (branch and edge connectivity with real-time optimization). iboss offers AI chat monitoring and security for ChatGPT, Google Gemini, Perplexity, and Claude with comprehensive conversation tracking, real-time data loss prevention (scan all uploaded content for sensitive data patterns including PII, financial data, proprietary information, instant blocking, incident creation), and enterprise AI governance. iboss integrates with Microsoft Entra SSO, Microsoft Information Protection (MIP) labels, Microsoft Purview, Azure security gateways, and Microsoft Sentinel. The platform provides signatureless detection technology using machine learning algorithms to analyze traffic patterns and identify data uploads and form submissions without relying on application signatures or APIs, protecting against zero-day apps not in traditional CASB databases. iboss offers dual-risk scoring (app risk for legitimacy/compliance, data risk for potential data loss), real-time file upload monitoring, form submission control, shadow IT discovery, compliance monitoring (GDPR, HIPAA), incident response, policy enforcement, labeled content protection (Microsoft Information Protection), user behavior analytics, and 99.999% platform uptime with less than 30 minute SASE platform deployment and 60% reduction in total security costs.

Industry

• Cybersecurity
• SASE (Secure Access Service Edge)
• Zero Trust Networking
• AI Security
• Cloud Security
• Data Loss Prevention (DLP)
• Network Security

iOS Engineering at iboss

iboss develops the iboss Zero Trust SASE iOS app for secure access to corporate resources, private applications, and cloud services. The iOS engineering team builds and maintains features for Zero Trust Network Access (ZTNA) (identity-based, device posture verification, least-privilege access to private apps replacing VPN), secure web gateway (URL filtering, malware protection, SSL/TLS decryption, content control), browser isolation (run risky web content in cloud, stream to device), AI chat monitoring (for ChatGPT, Gemini, Perplexity, Claude: conversation tracking, data upload scanning, DLP policy enforcement, instant blocking, incident reporting), secure SD-WAN connectivity for branch and remote users, endpoint posture assessment (device compliance checks: OS version, disk encryption, firewall enabled, antivirus running, jailbreak detection), single sign-on integration (Microsoft Entra SSO, Okta, Ping Identity), certificate-based authentication, per-app VPN (tunnel only specific apps through iboss, not all device traffic), data loss prevention (scan network traffic for sensitive data patterns: PII, financial, proprietary, block uploads to unauthorized cloud apps, alert users of policy violations), user behavior analytics (monitor user activity, detect anomalous patterns, insider threat detection), compliance monitoring (GDPR, HIPAA, audit trails), push notifications (security alerts, policy violations, incident notifications, zero-day threat alerts, device posture warnings), offline policy enforcement (cached policies for when device offline), split tunneling (direct internet access for non-corporate traffic), and integration with Microsoft Entra, Purview, Sentinel, MIP labels, and other SIEM/SOAR platforms.

Mobile development in this context focuses on Network Extension framework (implement per-app VPN using NETunnelProvider or NEVPNManager, route corporate traffic through iboss cloud, split tunneling configuration), endpoint posture assessment (check device compliance: iOS version, passcode status, device jailbreak detection, disk encryption (iOS automatically encrypted), MDM enrollment status via Managed App Config, certificate validation), certificate-based authentication (PKCS #12 client certificates for mTLS, integration with Microsoft Entra certificate-based authentication, SCEP for certificate enrollment), Single Sign-On (ASWebAuthenticationSession for OAuth2/OIDC with Microsoft Entra SSO, Okta, Ping, SAML), per-app VPN (configure per-app VPN via VPN payload in MDM, or use NETunnelProvider with app-level routing rules, tunnel only specific apps (browser, email, custom enterprise apps) through iboss, allow other apps direct internet access), browser isolation (WebKit view that renders isolated browsing session from iboss cloud, stream pixels to device, no risky content ever executes on device, support for copy/paste, file upload/download), AI chat monitoring (capture network traffic to ChatGPT, Gemini, Perplexity, Claude APIs, inspect content of API requests and responses, scan for sensitive data patterns (PII, financial, proprietary) using DLP engine, block request if policy violated, log incident and send push notification to user and security team, support for both web UI and API-based interactions), data loss prevention (URL filtering to block unauthorized cloud apps, content inspection for DLP patterns, block uploads to shadow IT, alert user with inline block page explaining policy violation), compliance logging (audit trail of network requests, app access, file uploads, policy violations, send to SIEM/Splunk, Microsoft Sentinel), push notifications (APNs for policy violation alerts, device posture warnings, zero-day threat alerts, incidents requiring user action, SSO re-authentication required), offline policy enforcement (Core Data for caching DLP policies, URL filter lists, compliance rules, enforce when device offline (e.g., airplane mode) and report violations when back online), user behavior analytics (send anonymized telemetry to iboss cloud for machine learning models to detect anomalies), and accessibility (VoiceOver for security settings, policy violation alerts, SSO login flows).

Products and Platforms

• iboss Zero Trust SASE iOS App – Secure access to corporate resources, private apps, and cloud services
• Zero Trust Network Access (ZTNA) – Identity-based, least-privilege access to private apps (replaces VPN)
• Secure Web Gateway – URL filtering, malware protection, SSL/TLS decryption, content control
• Browser Isolation – Execute risky web content in iboss cloud, stream to iOS device (no malware on device)
• AI Chat Monitoring – Track conversations on ChatGPT, Gemini, Perplexity, Claude; scan uploads for sensitive data; block policy violations; create incidents
• AI-Powered CASB – Cloud app and data signals, signatureless detection, dual-risk scoring (app risk + data risk)
• Advanced DLP – Content flow intelligence, sensitive data exfiltration prevention (PII, financial, proprietary)
• Data Loss Prevention (DLP) – Scan network traffic for sensitive data patterns (credit cards, SSN, medical records), block uploads to unauthorized apps, alert user
• Endpoint Posture Assessment – Device compliance checks (iOS version, passcode, jailbreak detection, MDM enrollment, certificate validation)
• Single Sign-On – Microsoft Entra SSO, Okta, Ping Identity, SAML, OAuth2/OIDC
• Certificate-based Authentication – PKCS #12 client certificates, mTLS, SCEP enrollment
• Per-App VPN – Tunnel specific apps through iboss, allow other apps direct internet access
• Split Tunneling – Direct internet access for non-corporate traffic, only corporate apps go through iboss
• Shadow IT Discovery – Automatically detect unknown cloud applications used by employees
• Compliance Monitoring – GDPR, HIPAA compliance, audit trails, forward logs to Microsoft Sentinel or other SIEM
• Incident Response – Security incidents for policy violations, automated alerting, detailed forensics
• Microsoft Integration – Microsoft Entra SSO, Microsoft Information Protection (MIP) labels, Microsoft Purview, Azure Security Gateways, Microsoft Sentinel
• 99.999% Uptime – Platform reliability guarantee
• <30 min SASE Deployment – Rapid deployment for SASE platform
• 60% Reduction in Total Security Costs – Cost savings compared to legacy solutions

Work Opportunities for iOS Developers

A cybersecurity and Zero Trust SASE leader like iboss hires:

• iOS Developers – for ZTNA, secure web gateway, browser isolation, AI chat monitoring, DLP, and endpoint security applications
• Mobile Engineers (iOS) – focusing on Network Extension framework (NEVPNManager, NETunnelProvider for per-app VPN), endpoint posture assessment (jailbreak detection, iOS version, passcode status, MDM enrollment), certificate-based authentication (PKCS #12, mTLS, SCEP), single sign-on (ASWebAuthenticationSession for OAuth2/OIDC/SAML), browser isolation (WKWebView streaming from cloud, JavaScript injection for DLP controls), AI chat monitoring (capture HTTP requests to ChatGPT, Gemini, Perplexity, Claude APIs, inspect content for sensitive data patterns, block requests, log incidents), DLP (URL filtering, content inspection, block page UI, push notifications for policy violations), data encryption (AES-256 for local cache, TLS for network), push notifications (APNs for security alerts, policy violations, device posture warnings), offline policy enforcement (Core Data for cached policies, delayed reporting), user behavior analytics (telemetry collection and anonymized upload), and integration with Microsoft Entra, Purview, Sentinel, and MIP labels
• Software Engineers – for backend services supporting ZTNA gateway, cloud SWG, browser isolation cloud rendering, AI chat DLP engine (ML for content classification), CASB app catalog (signatureless detection), dual-risk scoring algorithms, policy management (UI for security teams to define DLP rules, URL filters, device posture requirements), incident management (create, track, investigate, report incidents), compliance auditing (GDPR, HIPAA logs), SIEM integration (Splunk, Microsoft Sentinel), and user/device analytics
• Network Security iOS Engineers – with deep knowledge of Network Extension framework (NEVPNManager for VPN configuration, NETunnelProvider for per-app VPN, routing rules, split tunneling, DNS over HTTPS), iOS device posture assessment (jailbreak detection techniques: check for Cydia, prohibited files, system call hooks, sandbox escape detection; passcode status using LAContext; iOS version and security update compliance; MDM enrollment check via Managed App Config), certificate enrollment (SCEP profile, PKCS #12 import, keychain storage), mTLS, and per-app VPN configuration via MDM (VPN payload with Per-App VPN UUIDs)
• DLP Engineers – for content inspection (regex for credit cards, SSN, medical IDs; keyword matching for proprietary info; fingerprinting of sensitive documents; exact data matching from databases), URL filtering (categorized URL databases, custom blacklist/whitelist, SSL/TLS decryption to inspect HTTPS traffic), block page UI (WKNavigationDelegate for WebKit, URLProtocol for intercepting and blocking requests, custom error page), push notifications for policy violations, and offline policy caching
• AI Chat Monitoring Engineers – for intercepting network requests to ChatGPT (chat.openai.com), Gemini (gemini.google.com), Perplexity (perplexity.ai), Claude (claude.ai), and other AI chat domains; inspect JSON payloads for user messages and uploaded content (file attachments, pasted text); DLP scanning for sensitive data; block requests (return HTTP 403 with explanation); create incident in iboss cloud; send push notification to user ("Your upload to ChatGPT contained PII and was blocked."); support for enterprise AI tools (e.g., internal ChatGPT Enterprise, private AI deployments)
• Browser Isolation Engineers – for WKWebView configuration that loads isolated browsing session from iboss cloud (URL scheme like https://isolation.ibosscloud.com/session_id/page), JavaScript injection for DLP controls (scan page content, block copy/paste of sensitive data, disable file upload to risky sites), streaming protocol for pixels (low-latency remote rendering), support for user input (typing, clicking, copy/paste to/from isolated session), file download/upload via isolated session (scan files before allowing download to device)
• Endpoint Posture Engineers – for device attestation (iOS DeviceCheck API for app-specific device secrets), keychain storage for device ID, compliance checks (iOS version via UIDevice, passcode via LAContext.canEvaluatePolicy(.deviceOwnerAuthentication), MDM enrollment via UserDefaults with Managed App Config), jailbreak detection (check URL schemes for Cydia, file existence /Applications/Cydia.app, system call hook detection, sandbox escape attempts, sentinel file checks), certificate validation (check if client certificate installed in keychain and not expired), and report posture to iboss cloud before granting network access
• SSO Engineers – for ASWebAuthenticationSession (OAuth2 authorization code flow, PKCE, refresh token), SFAuthenticationSession for Safari-based SSO, integration with Microsoft Entra SSO (Azure AD), Okta, Ping Identity, SAML (Service Provider Initiated, IdP Initiated), certificate-based authentication with Entra (client cert in keychain mapped to Azure AD user)
• Push Notification Engineers – for APNs (security alerts: "Policy violation: credit card number uploaded to Dropbox", device posture warnings: "iOS version out of date, update required to access corporate apps", zero-day threat alerts: "New AI chat app detected, policy updated", incident notifications: "Sensitive data exfiltration attempt blocked", SSO re-authentication required)
• Offline Policy Engineers – for Core Data (cached URL filter lists, DLP rules, device posture requirements, compliance policies, certificate validation rules), enforce policies when device offline (airplane mode, remote locations without internet), queue policy violation logs for upload when back online (Core Data sync), conflict resolution if cached policy out of date
• Telemetry Engineers – for anonymized user activity collection (app usage, network requests, blocked attempts, device posture), send to iboss cloud for machine learning (ML models for user behavior analytics, anomaly detection, insider threat detection), protect user privacy while providing security insights
• Accessibility Engineers – for VoiceOver (security settings, policy violation alerts, SSO login flows, browser isolation controls, DLP block page explanations), ensure compliance and security are accessible to all users

These roles focus on building the iboss Zero Trust SASE iOS app that enables secure access to corporate resources, private applications, and cloud services for remote workers, branch offices, and edge devices. Engineers work on Network Extension framework (NEVPNManager, NETunnelProvider) for per-app VPN to replace legacy VPNs with identity-based, least-privilege Zero Trust Network Access (ZTNA), routing only corporate app traffic through iboss cloud while allowing personal app traffic direct internet (split tunneling), device posture assessment (jailbreak detection, iOS version compliance, passcode status, MDM enrollment, certificate validation) to ensure only compliant devices can access corporate resources, certificate-based authentication (PKCS #12 client certificates, mTLS, SCEP enrollment) for strong device identity, Single Sign-On (ASWebAuthenticationSession) with Microsoft Entra SSO, Okta, and Ping Identity, browser isolation where risky web content executes in iboss cloud and renders as pixels on the device (WKWebView streaming) so no malware ever touches the device, AI chat monitoring (intercept HTTP requests to ChatGPT, Gemini, Perplexity, Claude; inspect API payloads for sensitive data uploads; block policy violations; create security incidents; send push notifications to users and security teams), Data Loss Prevention (URL filtering to block unauthorized cloud apps, content inspection for PII, financial data, and proprietary information using regex, keyword matching, document fingerprinting, exact data matching; block uploads; display block page explaining policy violation), push notifications for real-time security alerts (policy violations, device posture warnings, zero-day threats, incidents), offline policy enforcement (Core Data caching of DLP rules, URL filters, compliance policies for when device is offline), telemetry for user behavior analytics to detect anomalies (insider threats, compromised accounts), Microsoft integration (Entra SSO, MIP label enforcement, Purview data discovery, Azure security gateways, Sentinel log forwarding), and accessibility (VoiceOver for security settings and policy violation alerts). iboss delivers 99.999% platform uptime, less than 30 minute SASE platform deployment, and 60% reduction in total security costs compared to legacy solutions. iboss protects enterprise AI interactions across ChatGPT, Google Gemini, Perplexity, and Claude with comprehensive conversation tracking, real-time data loss prevention (scan all uploaded content for sensitive data patterns including PII, financial data, proprietary information, instant blocking, incident creation), and enterprise AI governance. iboss is trusted by security teams to replace legacy CASB (fixed app databases, API dependencies) with AI-powered signatureless detection that protects against zero-day apps not in traditional databases, offering dual-risk scoring (app risk + data risk). Join iboss and help build the iOS app that secures remote workers, enforces Zero Trust access, monitors AI chat usage, prevents data loss, and replaces legacy VPNs — all from a single platform with 99.999% uptime. iboss is the AI-powered SASE platform for the modern workforce. iOS jobs available in the USA (remote and office locations).