Application Security Analyst (Android Preloads)

Application Security Analyst (Android Preloads) Project Overview Seeking a skilled Application Security Analyst to help ensure the privacy and security of the Android ecosystem. This role will focus on in-depth analysis of preloaded applications on Android devices.. This is a critical role in identifying and mitigating potential risks associated with preloaded applications, especially those leveraging AI and ambient computing features. Responsibilities

• Conduct in-depth static and dynamic analysis of preloaded Android applications (APKs) to understand their functionality, data handling practices, and permission usage.
• Reverse engineer obfuscated or complex code to map data flows, identify data collection points (e.g., microphone, screen content), and trace data transmission to external endpoints.
• Analyze network traffic to identify the nature and destination of any data being sent off-device.
• Evaluate the user interface and user experience (UI/UX) to determine if clear and explicit user consent is obtained before any sensitive data is collected or transmitted
• Collaborate with partner-facing teams to request and obtain compliance evidence from OEMs, including screenshots, video recordings, and technical documentation of consent flows.
• Document findings for each application, providing a clear assessment of compliance with relevant CDD sections.
• Maintain a repository of analysis reports and OEM evidence.
• Identify patterns of non-compliance or risky behavior to help inform the development
• of automated detection methods.
• Escalate confirmed non-compliant applications to the appropriate enforcement teams.

Required Skills & Experience

• 3+ years of experience in mobile application security, with a strong focus on Android.
• Proven experience in reverse engineering Android applications (APKs). Proficiency with tools such as:
  • Decompilers: JADX, Ghidra, JEB, or similar.
  • Disassemblers: IDA Pro or similar.
  • Dynamic Analysis: Frida, debuggers (jdb, gdb), network interception tools (e.g., Burp Suite, mitmproxy).

• Solid understanding of Android application architecture, permissions, and Inter-Process Communication (IPC).
• Familiarity with common mobile application vulnerabilities and obfuscation techniques.
• Ability to read and understand Java and Smali code. Knowledge of Kotlin is a plus.
• Experience with network traffic analysis.
• Excellent analytical and problem-solving skills.
• Strong written and verbal communication skills, with the ability to clearly document technical findings.
• Ability to work independently and manage time effectively.

Nice to Have

• Knowledge of AI/ML frameworks and how they are integrated into mobile apps.
• Experience interacting with external partners or vendors.
• Familiarity with scripting languages (e.g., Python) for automating analysis tasks.

Estimated Min Rate: $70.00
Estimated Max Rate: $90.00


What s In It for You?
We welcome you to be a part of the largest and legendary global staffing companies to meet your career aspirations. Yoh s network of client companies has been employing professionals like you for over 65 years in the U.S., UK and Canada. Join Yoh s extensive talent community that will provide you with access to Yoh s vast network of opportunities and gain access to this exclusive opportunity available to you. Benefit eligibility is in accordance with applicable laws and client requirements. Benefits include:

• Medical, Prescription, Dental & Vision Benefits (for employees working 20+ hours per week)
• Health Savings Account (HSA) (for employees working 20+ hours per week)
• Life & Disability Insurance (for employees working 20+ hours per week)
• MetLife Voluntary Benefits
• Employee Assistance Program (EAP)
• 401K Retirement Savings Plan
• Direct Deposit & weekly epayroll
• Referral Bonus Programs
• Certification and training opportunities

Note: Any pay ranges displayed are estimations. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply.

Yoh, a Day & Zimmermann company, is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Visit https://www.yoh.com/applicants-with-disabilities to contact us if you are an individual with a disability and require accommodation in the application process.

For California applicants, qualified applicants with arrest or conviction records will be considered for employment in accordance with the Los Angeles County Fair Chance Ordinance for Employers and the California Fair Chance Act. All of the material job duties described in this posting are job duties for which a criminal history may have a direct, adverse, and negative relationship potentially resulting in the withdrawal of a conditional offer of employment.

By applying and submitting your resume, you authorize Yoh to review and reformat your resume to meet Yoh s hiring clients preferences. To learn more about Yoh s privacy practices, please see our Candidate Privacy Notice: https://www.yoh.com/privacy-notice