Reverse Engineer (iOS or Android)

Job Description
ECS is seeking a Reverse Engineer (iOS or Android) to work in our Lorton, VA office.

ECS's National Security & Civilian Business unit is seeking a highly motivated Reverse Engineer (iOS or Android) to support a mission-focused portfolio of cyber research and development efforts and the IT infrastructure that enables them. The purpose of this initiative is to enhance and sustain capabilities in IT Support, IT Security, IT Services, and Administrative Compliance that directly underpin complex technical investigations across law enforcement and intelligence community agencies, where rapid advances in global communications, data networks, cellular systems, and the Internet technologies present constant operational challenges. Operating in a highly collaborative, Agile environment, this program leverages rapid research and development methods to create solutions to real-world operational problems, with emphasis on device exploitation, application analysis, and advanced reverse engineering of software, firmware, and embedded systems.

As a Reverse Engineer (iOS or Android) , you will apply deep reverse engineering skills to analyze binaries, firmware, and complex systems in support of cutting-edge cyber capabilities, vulnerability discovery, and exploitation and mitigation research. You will work closely with security analysts, developers, and mission stakeholders to uncover vulnerabilities, extract proprietary algorithms, understand low-level behaviors, and translate technical findings into actionable operational capabilities and clear, defensible documentation. Drawing on Agile practices, you will contribute to planning, execution, and continuous improvement of team workflows-helping drive efficiency, collaboration, and innovation while rapidly iterating on prototypes and research outcomes.

Responsibilities

• Reverse Engineering: Assist with conducting reverse engineering efforts to analyze software binaries, firmware, and systems, uncovering vulnerabilities, extracting proprietary algorithms, and understanding complex functionalities.
• Vulnerability Identification: Assist in the discovery and analysis of security vulnerabilities, weaknesses, and design flaws in software applications and systems through comprehensive reverse engineering techniques.
• Collaborative Problem-Solving: Collaborate closely with security analysts, developers, and stakeholders to address complex technical challenges, propose solutions, and drive implementation efforts.
• Documentation and Reporting: Document reverse engineering findings, analysis methodologies, and project progress. Prepare technical reports and presentations to communicate results, recommendations, and project status effectively.
• Continuous Improvement: Continuously improve reverse engineering processes and practices within the team. Identify opportunities for optimization, implement best practices, and drive innovation in reverse engineering techniques.

Required Skills

• Clearance Level Required: Top Secret. Willing/able to obtain and maintain an SCI w/CI Poly
• Bachelor's degree is preferred.
• 5+ years of professional experience in reverse engineering, cybersecurity, or software development roles, with exposure to reverse engineering activities.
• Experience researching and evaluating the security of iOS/macOS devices and/or Android operating systems.
• Must have experience using industry standard RE tools (IDA Pro, Ghidra, JEB, Hopper, etc.) to determine how closed-source software behaves.
• Experience in programming with any of the following: C, C++, Python, Swift, Rust, and ARM64 assembly.
• Experience with the exploitation of mobile devices and/or the software within mobile devices to enable access.
• 3+ years of experience in offensive cyber security (CNE)

Desired Skills

• Strong proficiency with disassemblers, debuggers, and tooling such as Ghidra, IDA Pro (and IDAPython), Radare2, GDB, x64dbg, and WinDbg.
• Hands-on experience with embedded systems, firmware, and FPGA/CPLD reverse engineering, including JTAG-based analysis and bitstream tooling.
• Demonstrated capability in binary exploitation (stack canaries, DEP/NX, ASLR/PIE, RELRO), ROP, heap exploitation, format string attacks, and shellcoding.
• Proficient in C/C++, Python, and Bash/shell scripting for tooling, PoCs, and exploit or implant development.
• Experience with malware analysis (static and dynamic), PE/ELF formats, Windows internals, and common sandbox/virtualization platforms.
• Familiarity with mobile application security (Android/iOS), including Frida-based instrumentation, rooting/jailbreaking, and APK/IPA analysis.
• Track record of participation in competitive IT/cybersecurity challenges that demonstrate advanced problem-solving in reverse engineering and exploitation.
• Ability to produce clear technical documentation, reports, and white papers for technical and non-technical audiences.
• Background in ethical hacking and/or testing software vulnerabilities with a working knowledge of hacking tools and techniques such as memory corruption exploits, buffer overflows, rootkits, protocol poisoning, MetaSploit, nmap, etc.
• Cybersecurity certifications (e.g. CISSP, CEH, Security+)

#ECS1

ECS is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

ECS is a leading mid-sized provider of technology services to the United States Federal Government. We are focused on people, values and purpose. Every day, our 3300+ employees focus on providing their technical talent to support the Federal Agencies and Departments of the US Government to serve, protect and defend the American People.