About the Engagement
We are a mobile platform serving minors, currently undergoing a time-sensitive ownership transition. We need a single senior engineer to independently conduct a full-scope technical audit and deliver a written report suitable for an investor audience — covering mobile codebases, AWS infrastructure, COPPA compliance, and AI/ML component ownership.
This is not a development role at phase 1. The deliverable is a structured written assessment with findings, severity ratings, ownership confirmation, and a rebuild cost and timeline estimate. The founding team is non-technical, and the report must be navigable by both investors and a new engineering team taking over the platform.
Start: Immediately upon agreement. We have a tight deadline to deliver the written report before April 6, 2026.
Why This Audit Matters
Several specific risks have already been identified that must be addressed in the review:
- Chat moderation was identified as a necessary feature but was never implemented — on a live platform serving minors. The compliance and operational risk exposure must be formally assessed.
- COPPA and PRIVO parental consent flows must be independently verified, not taken on the current owner's word.
- AI/ML components must be assessed for true client ownership and portability — it must be clear whether the new owner can operate these independently.
- App Store and Google Play signing certificates and provisioning profiles must be confirmed as transferable to the new owner.
Full Audit Scope
Mobile Codebases (iOS & Android)
- Structural quality, third-party dependency risks, hardcoded credentials or API keys
- Inheritability assessment — can a new engineering team pick this up confidently?
- App Store (Swift) and Google Play (Kotlin/Java) account transferability, signing certificates, and provisioning profiles
COPPA & Compliance
- End-to-end verification of parental consent flows and PRIVO certification status
- Data collection, retention, and deletion practices against COPPA requirements
- Chat moderation gap assessment — document the legal and operational exposure clearly
AWS Infrastructure
- IAM roles and permissions — overly permissive policies, credentials tied to individuals
- Deployment environment soundness — staging vs production separation
- Storage and data security — encryption at rest and in transit, with particular focus on minors' data
AI/ML Components
- Model ownership and portability — proprietary, fine-tuned, or third-party API dependent?
- Vendor dependency assessment — can the new owner operate without the current team or vendors?
- Inference endpoint documentation
Database
- MySQL schema review — structural soundness, data integrity, and issues a new team would inherit
Report Deliverables
- Executive summary for a non-technical founding team and investor audience
- Findings organized by severity: critical / high / medium / low
- COPPA and PRIVO compliance status with specific gaps called out
- Ownership and transferability confirmation across all components
- Rebuild cost estimate with timeline ranges
- Recommended immediate actions before ownership transfer completes
Required Qualifications
- Senior native iOS (Swift) experience — both platforms required, not one or the other
- Senior native Android (Kotlin/Java) experience
- AWS infrastructure assessment experience — IAM, deployment, storage, security
- COPPA compliance experience
- AI/ML integration auditing — model ownership, vendor lock-in, inference portability
- Formal technical audit experience — structured written deliverables for investor or legal audiences, not peer code review
- MySQL or equivalent relational database schema review
- Strong written communication — the report must hold up to investor and legal scrutiny
- Immediately available — engagement starts upon agreement
Nice to Have
- Prior experience with M&A technical due diligence or platform ownership transfers
- Familiarity with App Store and Google Play account transfer processes