The Android SDK Reverse Engineers conduct reverse engineering, security assessments, and code reviews. They conduct, collaborate, and assist with complex de-compilation, unpacking, code review, and potentially malicious mobile software reviews. This process is intended to lead to the detection of a code functionality that represents behavior types that threaten the personal security of users of applications available in the Google Play Store. The goal of the work is to identify families of malware and take action on apps at scale. You will responsible to develop static and dynamic signatures for mobile code, binaries, and executable code leading to the detection of a variety of threat types including malware, potentially unwanted programs (PUPs) and advanced persistent threats.
Additionally, the SDK Reverse Engineers continually work toward improving the review process through the identification of weaknesses in detection and automation followed by improvement recommendations. You are required to write complex reports for consumption of non-technical audiences, review peer reports and assist with investigations.
- Core Skills:
- Review of applications and SDKs to detect malicious or inappropriate behavior by analyzing, unpacking and reverse engineering software that compromises Android devices.
- Static and Dynamic Analysis
- Experience with Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK/SDK analysis
- Code reviews for security policy violations, vulnerabilities, or improper coding practices
- Ability to write complex reports for consumption of non-technical audiences,
- Ability to collaborate, work with others as a team.
- Understanding of the following topics:
- In depth understanding of Android Internals
- Java Programing Language
- Techniques utilized by malicious software to tamper with user devices and make removal more difficult.
- Android Security Topics
- Mobile App store policies (Ads, PHAs, Developer, etc.)
- Ability to read, comprehend and analyze source code software
- Development of signatures (Yara, etc.)
- Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
- In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
- Experience with Vulnerability Analysis
- Android Development
- Capture the Flag in Mobile software