Role Description

In support of our global Android Reverse Engineering program, we seek highly skilled Android App and SDK Reverse Engineers to join our team. This role will involve analyzing and deconstructing Android applications and SDKs to identify potential security risks and gain insights into their underlying functionality.

• Deep Dive Analysis: Conduct in-depth analysis of Android applications and SDKs to understand their codebase, architecture, functionality and to identify potential risks.
• Reverse Engineering Techniques: Employ advanced reverse engineering techniques to extract information from various codebases, including decompilation, disassembly, and debugging.
• Risk Identification: Identify user and device risk, data leakage, and malicious code execution within Android apps and SDKs.
• Threat Intelligence: Gather, analyze and report threat intelligence related to Android malware, exploits, and emerging security trends.
• Collaboration: Collaborate with security researchers, developers, and other stakeholders to share findings, provide recommendations, and contribute to the development of secure applications and ecosystem.

Qualifications

• A minimum of 3 - 5+ years of expertise in one or more of the following: Android Development, Reverse Engineering, Pentesting, Application Security Assessments, Capture the Flag (CTF).
• Hands-on experience with analyzing, unpacking, and reverse engineering code of malicious applications or SDKs.
• Static and Dynamic Analysis Techniques.
• Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis.
• Proficiency in Java, Kotlin, JavaScript, Flutter, and other mobile software languages.
• Experience with ELF (Native Binaries) reverse engineering.
• Development of signatures (SQL, Yara, etc.).

Requirements

• An understanding of Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an Android application is created.
• Knowledge of techniques utilized by malicious applications to harm the user’s device or their data.
• Familiarity with mobile app store policies (Ads, PHAs, Developer, etc.).
• Experience in network traffic analysis; security fundamentals.
• Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.).
• Understanding of encoding and cryptography.
• Knowledge of authentication mechanisms and security.
• Experience with device rooting.
• Familiarity with complex frameworks and application packers.

Benefits

• Retirement Plans
• Medical, Dental and Vision Coverage
• Paid Time Off
• Paid Parental Leave
• Support for Community Involvement