Malware Reverse Engineer

Job Title:

Malware Reverse Engineer

Role Overview:

The Android SDK Reverse Engineers conduct reverse engineering, security assessments, and code reviews. They conduct, collaborate, and assist with complex de-compilation, unpacking, code review, and potentially malicious mobile software reviews. This process is intended to lead to the detection of a code functionality that represents behavior types that threaten the personal security of users of applications available in the Google Play Store.
Additionally, the SDK Reverse Engineers continually work toward improving the review process through the identification of weaknesses in detection and automation followed by improvement recommendations.
Requirements:

– Core Skills:
o Review of applications and SDKs to detect malicious or inappropriate behavior by analyzing, unpacking and reverse engineering software that compromises Android devices.
o Static and Dynamic Analysis
o Experience with Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK/SDK analysis
o Code reviews for security policy violations, vulnerabilities, or improper coding practices
o Experience with Java, Kotlin, JavaScript, and other mobile software languages. Ability to
o Ability to write complex reports for consumption of non-technical audiences,
o Ability to collaborate, work with others as a team.

– Understanding of the following topics:
o In depth understanding of Android Internals
o Java Programing Language
o Techniques utilized by malicious software to tamper with user devices and make removal more difficult.
o Android Security Topics
o Mobile App store policies (Ads, PHAs, Developer, etc.)
o Ability to read, comprehend and analyze source code software

– Additional:
o Development of signatures (Yara, etc.)
o Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
o In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
o Experience with Vulnerability Analysis
o Android Development
o Capture the Flag in Mobile software

Professional Experience and Education:
• BS/MS in computer science, computer engineering, CS, or information systems, or related discipline.
• 3-5 years of hands-on Android development and reverse engineering
• In depth understanding and experience in Android internals

This is a commissioned position. Develops and delivers detailed IT solutions through consulting project activities.

The Android SDK Reverse Engineers conduct reverse engineering, security assessments, and code reviews. They conduct, collaborate, and assist with complex de-compilation, unpacking, code review, and potentially malicious mobile software reviews.  This process is intended to lead to the detection of a code functionality that represents behavior types that threaten the personal security of users of applications available in the Google Play Store. 

Additionally, the SDK Reverse Engineers continually work toward improving the review process through the identification of weaknesses in detection and automation followed by improvement recommendations.

Requirements:

• Core Skills:
  • Review of applications and SDKs to detect malicious or inappropriate behavior by analyzing, unpacking and reverse engineering software that compromises Android devices.
  • Static and Dynamic Analysis
  • Experience with Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK/SDK analysis
  • Code reviews for security policy violations, vulnerabilities, or improper coding practices
  • Experience with Java, Kotlin, JavaScript, and other mobile software languages.  Ability to
  • Ability to write complex reports for consumption of non-technical audiences,
  • Ability to collaborate, work with others as a team.

• Understanding of the following topics:
  • In depth understanding of Android Internals
  • Java Programing Language
  • Techniques utilized by malicious software to tamper with user devices and make removal more difficult.
  • Android Security Topics
  • Mobile App store policies (Ads, PHAs, Developer, etc.)
  • Ability to read, comprehend and analyze source code software

• Additional:
  • Development of signatures (Yara, etc.)
  • Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
  • In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
  • Experience with Vulnerability Analysis
  • Android Development
  • Capture the Flag in Mobile software

Professional Experience and Education:

• BS/MS in computer science, computer engineering, CS, or information systems, or related discipline.
• 3-5 years of hands-on Android development and reverse engineering
• In depth understanding and experience in Android internals

Base Pay Range: $111,500 – $182,750. Actual base pay within this range will depend on varying circumstances, including the work location, individual qualifications, company budget and other operational business needs. Compensation may also include annual bonuses and long-term incentives, subject to various metrics and company policy.
 

Company Benefits and Perks:

We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Retirement Plans
• Medical, Dental and Vision Coverage
• Paid Time Off
• Paid Parental Leave
• Support for Community Involvement

We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.