Reverse Android Engineer

Title: Reverse Android Engineer

Length of Contract: Contract- 2 Years

Location: Hybrid Schedule in either - Austin Tx, Bothell WA, San Jose CA - 3 days a week on-site

Ideal Start Date: Aug/Sept

Process- Submittals must include a Capture the flag exercise (CTF) with the resume, 2nd round is a technical with 2 screeners on their side and 3rd is a final formality interview with team- If they get to step three they normally will get the offer

Drug/Background Check Both Required prior to start

Duties:

This strategic role combines hands-on research, reverse engineering, and detection development with architectural vision and cross-functional collaboration. You will investigate emerging attack techniques and design novel detection approaches.

• Lead efforts to reverse engineer sophisticated malware, identifying malicious code, obfuscation techniques, and communication protocols.
• Author advanced detection rules for behavior-based detection engines.
• Conduct comprehensive research on attacker campaigns and techniques to support detection investments and enhance customer experience.
• Develop and optimize generic threat detection strategies based on static and dynamic detection engines.
• Perform advanced proactive and reactive threat hunting to identify detection issues such as misses or misclassifications from large-scale datasets.
• Respond to escalations to resolve detection effectiveness issues (misclassifications, false positives, and false negatives).
• Collaborate with cross-functional teams within the product organization including product management, engineering and research to drive exceptional customer experiences and ensure comprehensive protection.
• Develop advanced alerting, reporting, and automated detection solutions.
• Stay abreast of the latest cybersecurity threats, attack techniques, detection evasion tactics, OS features, and industry developments.
• Build and maintain tools and automation to improve productivity and detection efficacy.
• Utilize machine learning techniques to enhance threat detection and response capabilities.

Must Haves:

• 3-5 Years of combined practical experience with the following:
• Web Application Penetration Testing
• Mobile Forensics
• Binary Analysis
• Malware Analysis
• Reverse Engineering on other platforms
• CTF, Hack-in-the-box, Hack this site
• Incident Response, Security Operations
• Android Development
• Must have experience with Non- Java Coding, Frameworks (Unity, Flutter, Xamarin), Dalvik/ART Virtual Machine
• Must know the Reverse Engineering Fundamentals Including:
• Static Analysis- Decompliation to a higher-level language, Disassembly, Code Auditing
• Dynamic Analysis- Debugging, Monitoring, and Fuzzing
• Data Analysis- Data Extraction and Data Mining
• Must have experience with Reverse Engineering Tools including-
• Decompilers- IDA Pro, Ghidra, Radare2, JADX, Fernflower
• Disassemblers- Smali/Baksmali
• Debugging Tooks- ADB, JDWP
• Emulators- BlueStack, Unicorn qemu, Android Studio
• tcpdump/Wireshark
• Frida
• CyberChef or similar Tools (encode/decode, encryption/decryption)
• HTTP Interception Tools (WebScarab, HTTP Toolkit, BurpSuite)
• Pattern Detection (Yara, SEMGREP, SNORT)
• Must be knowledgeable in Linux/Unix, Networking Fundamentals and protocols, and Problem Solving and Debugging
• Strong communication and technical writing