Our internal iOS apps require a full round of security-centric testing and a seamless in-house release process under the Apple Developer Enterprise Program. The build must remain private—only selected employees and customers may download it—so the usual App Store route is off the table. Scope of work • Test on both iPhone and iPad models running the latest public iOS versions, paying special attention to data handling, encryption, code-signing integrity, and any third-party library exposure. • Produce a concise security test report that highlights vulnerabilities, recommended fixes, and retest results. • Prepare the signed IPA, provisioning profile, and distribution certificate, then host the package behind a Direct URL protected by basic authentication or token gating (no MDM or Configurator for this release). • Document the entire flow—certificate renewal steps, URL structure, and installation instructions—in a short markdown or PDF hand-off so our internal IT team can replicate it next cycle. Acceptance criteria 1. Installation from the secure link succeeds on at least two fresh devices each for iPhone and iPad without UDID whitelisting. 2. OWASP Mobile Top 10 checks show no critical or high-severity findings. 3. The distribution link, certificate, and profile remain valid for a minimum of 90 days and can be refreshed using the provided documentation in under 20 minutes. The existing codebase is stable; I simply need an iOS professional with three or more years of enterprise experience to validate its security and put a robust, private distribution pipeline in place.