Overview
HybridYou can be located at one of three site locations: Either Bothell, WA; San Jose, CA; or Austin, TX
Depends on Experience
Full Time
No Travel Required
Skills
Android App
APK/SDK
Ghidra
Burp
Reverse Engineering
Hybrid Contracts
3 Android Mobile App Reverse Engineers
LOCATIONS: Either Bothell WA/ San Jose CA/ or Austin
Jadx
Frida
IDA Pro
to perform binary and APK analysis
ELF (Native Binaries) reverse engineering
Query languages such as SQL
Java
Kotlin
JavaScript
Flutter
and other mobile software languages
ndroid Fundamentals such as Android activity lifecycles
common Android API usage
AOSP
Java and/or Kotlin Programing Language
malicious software techniques
Network traffic analysis; security fundamentals
Mobile App store policies ( Ads PHAs Developer)
Job Details
TITLE: Hybrid Contracts: 3 Android Mobile App Reverse Engineers
KEYS: Android App, APK/SDK, Ghidra, Burp, Reverse Engineering
** 3 Different Levels starting at 3 years of experience: Junior, Mid-Level or Senior Level
LOCATIONS: Either, Bothell, WA; San Jose, CA; or Austin, TX
DURATION: Could go u to 2 years.
Hybrid: Onsite 3 days of the week.
Excellent Verbal & Written Communication Skills
*****************
We are seeking a highly skilled Android App and SDK Reverse Engineers to join our team.
The ideal candidate will have a deep understanding of Android internals, a strong aptitude for reverse engineering techniques, and a passion for unraveling complex software.
This role will involve analyzing and deconstructing Android applications and SDKs to identify potential security risks and gain insights into their underlying functionality.
Responsibilities:
Deep Dive Analysis: Conduct in-depth analysis of Android applications and SDKs to understand their codebase, architecture, and functionality.
Reverse Engineering Techniques: Employ advanced reverse engineering techniques to extract information from various codebases, including decompilation, disassembly, and debugging.
Risk Identification: Identify user and device risk, data leakage, and malicious code execution within Android apps and SDKs.
Tool Development: Develop and maintain custom reverse engineering tools and scripts to automate tasks and improve efficiency.
Security Assessment: Conduct security assessments of Android applications and SDKs to identify potential risks.
Threat Intelligence: Gather and analyze threat intelligence related to Android malware, exploits, and emerging security trends.
Collaboration: Collaborate with security researchers, developers, and other stakeholders to share findings, provide recommendations, and contribute to the development of secure software.
Continuous Learning: Stay updated on the latest Android security threats, vulnerabilities, and reverse engineering techniques.
Requirements & Hands on Experience with the following:
Analyzing, unpacking, and reverse engineering code of malicious applications or SDKs.
Ability to read, comprehend and analyze source code
Static and Dynamic Analysis Techniques
Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis
Java, Kotlin, JavaScript, Flutter, and other mobile software languages
ELF (Native Binaries) reverse engineering
Query languages such as SQL
Understanding of the following topics
Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an android application is created.
Java and/or Kotlin Programing Language
Techniques utilized by malicious software to harm the user s device or their data
Mobile App store policies (Ads, PHAs, Developer, etc.)
Network traffic analysis; security fundamentals
Additional:
Development of signatures (Yara, etc.)
Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
Nice to Have:
Experience with Vulnerability Analysis or security code review
Android Software Development Experience
Background / Familiarity with Google Ads or Content moderation
Participation in a Capture the Flag (CTF) for Mobile software
Pen testing, Blue Team, and/or Red Team experience
Professional Experience and Education
Required:
o 3 - 5+ years experience in one or more of the following: Android Development, Reverse Engineering, Pen Testing, Application Security Assessments
Preferred:
o Associate's/Bachelor s Degree/master s in computer science, computer engineering, CS, or information systems, or related discipline.
o 3 - 5 years of hands on Android App/SDK Reverse Engineering
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.