Posted today
Unspecified
Unspecified
IT - Software
McLean, VA (On-Site/Office)
We are seeking a highly skilled and motivated Vulnerability Researcher with a strong focus on the Apple iPhone or Google Android ecosystem. The ideal candidate will possess a deep understanding of iOS/Android architecture, security mechanisms, and common vulnerability classes. This role demands a proactive and meticulous approach to identifying and analyzing security weaknesses within iOS, Android and related technologies. As a member of our team, you will be expected to contribute significantly to our research efforts and stay at the forefront of mobile security advancements.
Day-to-day responsibilities and duties include:
Conduct in-depth vulnerability research and analysis on Apple iOS, Google Android and related software and hardware.
Employ various vulnerability discovery techniques, including but not limited to static analysis, dynamic analysis, and reverse engineering of binaries, protocols and file formats.
Design, develop, and execute effective fuzzing strategies to uncover security vulnerabilities in iOS and Android components and applications.
Perform various methods of fuzzing to identify potential security flaws in web-based elements within the iOS and Android environments.
Analyze and understand Arm Assembly language to facilitate low-level vulnerability analysis and exploitation.
Document discovered vulnerabilities with clear, concise, and actionable reports, including technical details, impact assessments, and potential remediation strategies.
Collaborate closely with development teams to communicate findings and assist in the development and implementation of security patches and mitigations.
Stay abreast of the latest security trends, research, and attack vectors targeting the iOS and Android platforms.
Contribute to the development of internal security tools and methodologies.
Potentially present research findings to both technical and non-technical audiences.
Mentor and provide guidance to junior vulnerability research team members.
REQUIREMENTS:
Applicants MUST
must be able to qualify and maintain security clearance.
have at least 3 years of vulnerability research and iOS experience and have a good understanding of professional business environments.
experience with Ghidra, IDA Pro or other disassemblers, Frida
be able to carry themselves in a professional manner
be punctual, responsible, and reliable
Preferred:
Have good written and verbal communication skills (answering the phone and composing emails in a professional manner)
ARM 64 Assembly
Programming/Scripting experience
Knowledge of mobile platform (Android/iOS) internals and kernel
Mobile/Embedded knowledge, baseband knowledge, SoC (MTK, Qualcomm, Exynos) knowledge
Job Type: Full-time
Pay: From $131,000 per year excluding bonus and benefits.
Schedule:
The schedule for this position is project driven and can be highly variable depending on project deadlines and the specific needs of the software development teams.
Monday to Friday
Weekends as needed
Work Location: In person
Day-to-day responsibilities and duties include:
Conduct in-depth vulnerability research and analysis on Apple iOS, Google Android and related software and hardware.
Employ various vulnerability discovery techniques, including but not limited to static analysis, dynamic analysis, and reverse engineering of binaries, protocols and file formats.
Design, develop, and execute effective fuzzing strategies to uncover security vulnerabilities in iOS and Android components and applications.
Perform various methods of fuzzing to identify potential security flaws in web-based elements within the iOS and Android environments.
Analyze and understand Arm Assembly language to facilitate low-level vulnerability analysis and exploitation.
Document discovered vulnerabilities with clear, concise, and actionable reports, including technical details, impact assessments, and potential remediation strategies.
Collaborate closely with development teams to communicate findings and assist in the development and implementation of security patches and mitigations.
Stay abreast of the latest security trends, research, and attack vectors targeting the iOS and Android platforms.
Contribute to the development of internal security tools and methodologies.
Potentially present research findings to both technical and non-technical audiences.
Mentor and provide guidance to junior vulnerability research team members.
REQUIREMENTS:
Applicants MUST
must be able to qualify and maintain security clearance.
have at least 3 years of vulnerability research and iOS experience and have a good understanding of professional business environments.
experience with Ghidra, IDA Pro or other disassemblers, Frida
be able to carry themselves in a professional manner
be punctual, responsible, and reliable
Preferred:
Have good written and verbal communication skills (answering the phone and composing emails in a professional manner)
ARM 64 Assembly
Programming/Scripting experience
Knowledge of mobile platform (Android/iOS) internals and kernel
Mobile/Embedded knowledge, baseband knowledge, SoC (MTK, Qualcomm, Exynos) knowledge
Job Type: Full-time
Pay: From $131,000 per year excluding bonus and benefits.
Schedule:
The schedule for this position is project driven and can be highly variable depending on project deadlines and the specific needs of the software development teams.
Monday to Friday
Weekends as needed
Work Location: In person
group id: 91170845
