Job Description:
We're looking for a Reverse Engineer specializing in Android Malware to join our team in Austin, TX or Bothell, Washington. This on-site position offers a one-year commitment with potential for extension.
Responsibilities:
As a member of our team, you will:
- Conduct reverse engineering, security assessments, and code reviews.
- Perform complex decompilation, unpacking, code review, and reviews of malicious mobile software.
- Identify families of malware and implement actions at scale.
- Develop static and dynamic signatures for mobile code, binaries, and executable code, leading to the detection of various threat types, including malware, potentially unwanted programs (PUPs), and advanced persistent threats.
- Identify weaknesses in detections and automations, making recommendations for improvements in the detection process and automation pipeline.
- Write detailed reports for non-technical audiences and review peer reports.
- Assist with investigations related to security incidents.
Requirements:
We're seeking candidates with hands-on experience in the following areas:
- Reviewing malicious applications and SDKs through analyzing, unpacking, and reverse engineering software compromising Android devices.
- Conducting static and dynamic analysis.
- Using Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp for binary and APK analysis.
- Code reviews for security policy violations, vulnerabilities, or improper coding practices.
- Experience with Java, Kotlin, JavaScript, Flutter, and other mobile software languages.
- Reverse engineering of ELF (Native Binaries).
- In-depth understanding of Android Internals.
- Understanding of Java Programming Language.
- Familiarity with techniques used by malicious software to tamper with user devices and make removal more difficult.
- Knowledge of Android Security Topics and Mobile App store policies (Ads, PHAs, Developer, etc.).
- Ability to read, comprehend, and analyze source code software.
Additional Skills:
- Development of signatures (Yara, etc.).
- Research on threats such as APT using Open ExploitDB, MITRE, etc.
- Source Intelligence (VirusTotal, Web).
- In-depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols, and interception.
Nice to Have:
- Background/Familiarity with Google Ads or Content moderation.
- Experience with Vulnerability Analysis.
- Android Development.
- Capture the Flag in Mobile software.
Professional Experience and Education:
- Required: None.
- Preferred: Associates/Bachelor’s Degree/Master’s in computer science, computer engineering, CS, or information systems, or related discipline. 3-5 years of hands-on Android and reverse engineering experience. In-depth understanding and experience in Android internals.
Company Description:Surf Wave Recruiting is an innovative recruiting firm that focuses on Mid to Senior level
positions. We specialize in Direct Placement roles throughout North
America, South America, and Europe.