Android Reverse Engineer/Penetration Test Engineer - Resource Informatics Group
Austin, TX
About the Job
Job Title: Android Reverse Engineer/Penetration Test Engineer
Work Model: This is a Hybrid model -3 days onsite, 2 days remote.
Cities - Austin, TX , San Jose, CA, or Bothell, Wash
Job Description:
The Android Malware Reverse Engineers will conduct reverse engineering, security assessments, and
code reviews. You will conduct and assist with complex decompilation, unpacking, code review and
malicious mobile software reviews. The goal of the work is to identify families of malware and act on
apps at scale. You will be responsible for developing static and dynamic signatures for mobile code,
binaries, and executable code leading to the detection of a variety of threat types including malware,
potentially unwanted programs (PUPs) and advanced persistent threats.
Additionally, you will identify weaknesses in detections and automations and make
recommendations for improvements in the detection process and automation pipeline. You are
required to write complex reports for consumption of non-technical audiences, review peer reports
and assist with investigations.
Requirements:
HandsonExperience with the following:7
Analyzing, unpacking, and reverse engineering code of malicious applications or
SDKs.
Static and Dynamic Analysis Techniques8
ReverseEngineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform
binary and APK analysis
Java,Kotlin, JavaScript, Flutter, and other mobile software languages
ELF(Native Binaries) reverse engineering
Querylanguages such as SQL
Understanding of the following topics
AndroidFundamentals such as Android activity lifecycles, common Android API
usage, AOSP, and how an android application is created.
Javaand/or Kotlin Programing Language
Techniques utilized by malicious software to harm the user's device or their data
MobileAppstorepolicies (Ads, PHAs, Developer, etc.)
Ability to read, comprehend and analyze source code
Additional:
Developmentofsignatures (Yara, etc.)
Researchonthreats such as APT using Open-Source Intelligence (Virus Total, Web,
ExploitDB, MITRE, etc.)
Indepthknowledge of security engineering and analysis topics, computer and
network security, cryptography, authentication security, rooting, packing, network
protocols and interception
Nice to Have:
Experience with Vulnerability Analysis or security code review
AndroidSoftware Development Experience
Background/Familiarity with Google Ads or Content moderation
Participation in a Capture the Flag (CTF) for Mobile software
Pentesting, Blue Team, and/or Red Team experience
Professional Experience and Education
Required:
o None.
Preferred:
o Associates/Bachelor's Degree/master's in computer science, computer engineering,
CS, or information systems, or related discipline.
o 3-5yearsofhands onAndroid and reverse engineering.
Work Model: This is a Hybrid model -3 days onsite, 2 days remote.
Cities - Austin, TX , San Jose, CA, or Bothell, Wash
Job Description:
The Android Malware Reverse Engineers will conduct reverse engineering, security assessments, and
code reviews. You will conduct and assist with complex decompilation, unpacking, code review and
malicious mobile software reviews. The goal of the work is to identify families of malware and act on
apps at scale. You will be responsible for developing static and dynamic signatures for mobile code,
binaries, and executable code leading to the detection of a variety of threat types including malware,
potentially unwanted programs (PUPs) and advanced persistent threats.
Additionally, you will identify weaknesses in detections and automations and make
recommendations for improvements in the detection process and automation pipeline. You are
required to write complex reports for consumption of non-technical audiences, review peer reports
and assist with investigations.
Requirements:
HandsonExperience with the following:7
Analyzing, unpacking, and reverse engineering code of malicious applications or
SDKs.
Static and Dynamic Analysis Techniques8
ReverseEngineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform
binary and APK analysis
Java,Kotlin, JavaScript, Flutter, and other mobile software languages
ELF(Native Binaries) reverse engineering
Querylanguages such as SQL
Understanding of the following topics
AndroidFundamentals such as Android activity lifecycles, common Android API
usage, AOSP, and how an android application is created.
Javaand/or Kotlin Programing Language
Techniques utilized by malicious software to harm the user's device or their data
MobileAppstorepolicies (Ads, PHAs, Developer, etc.)
Ability to read, comprehend and analyze source code
Additional:
Developmentofsignatures (Yara, etc.)
Researchonthreats such as APT using Open-Source Intelligence (Virus Total, Web,
ExploitDB, MITRE, etc.)
Indepthknowledge of security engineering and analysis topics, computer and
network security, cryptography, authentication security, rooting, packing, network
protocols and interception
Nice to Have:
Experience with Vulnerability Analysis or security code review
AndroidSoftware Development Experience
Background/Familiarity with Google Ads or Content moderation
Participation in a Capture the Flag (CTF) for Mobile software
Pentesting, Blue Team, and/or Red Team experience
Professional Experience and Education
Required:
o None.
Preferred:
o Associates/Bachelor's Degree/master's in computer science, computer engineering,
CS, or information systems, or related discipline.
o 3-5yearsofhands onAndroid and reverse engineering.
Source : Resource Informatics Group