Job Description
Job Description
Position:
Android Reverse Engineer
Location:
Austin TX or Bay Area or Bothell WA. – Hybrid
Duration:
12+ Months
Job Description:
The Android SDK Reverse Engineers conduct reverse engineering, security assessments, and code reviews. They conduct, collaborate, and assist with complex de-compilation, unpacking, code review, and potentially malicious mobile software reviews.
This process is intended to lead to the detection of code functionality that represents behavior types that threaten the personal security of users of applications available in the Google Play Store.
The goal of the work is to identify families of malware and take action on apps at scale. You will be responsible for developing static and dynamic signatures for mobile code, binaries, and executable code leading to the detection of a variety of threat types including malware, potentially unwanted programs (PUPs) and advanced persistent threats.
Additionally, the SDK Reverse Engineers continually work toward improving the review process through the identification of weaknesses in detection and automation followed by improvement recommendations. You are required to write complex reports for consumption of non-technical audiences, review peer reports and assist with investigations.
Requirements:
Core Skills:
Review of applications and SDKs to detect malicious or inappropriate behavior by analyzing, unpacking and reverse engineering software that compromises Android devices.
Static and Dynamic Analysis
Experience with Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK/SDK analysis
Code reviews for security policy violations, vulnerabilities, or improper coding practices
Experience with Java, Kotlin, JavaScript, and other mobile software languages.
Ability to
Ability to write complex reports for consumption of non-technical audiences,
Ability to collaborate, work with others as a team.
Understanding of the following topics:
In depth understanding of Android Internals
Java Programing Language
Techniques utilized by malicious software to tamper with user devices and make removal more difficult.
Android Security Topics
Mobile App store policies (Ads, PHAs, Developer, etc.)
Ability to read, comprehend and analyze source code software.
Additional:
Development of signatures (Yara, etc.)
Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, Exploit DB, MITRE, etc.)
In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
Experience with Vulnerability Analysis
Android Development
Capture the Flag in Mobile software.
Powered by JazzHR
fd41kuje4l
#J-18808-Ljbffr
