Job Title:Solution ConsultantAbout Trellix:Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com .Role Overview:Android Reverse EngineerWe are seeking a highly skilled Android App and SDK Reverse Engineers to join our team. The ideal candidate will have a deep understanding of Android internals, a strong aptitude for reverse engineering techniques, and a passion for unraveling complex software. This role will involve analyzing and deconstructing Android applications and SDKs to identify potential security risks and gain insights into their underlying functionality.Responsibilities:Deep Dive Analysis: Conduct in-depth analysis of Android applications and SDKs to understand their codebase, architecture, and functionality.Reverse Engineering Techniques: Employ advanced reverse engineering techniques to extract information from various codebases, including decompilation, disassembly, and debugging.Risk Identification : Identify user and device risk, data leakage, and malicious code execution within Android apps and SDKs.Tool Development: Develop and maintain custom reverse engineering tools and scripts to automate tasks and improve efficiency.Security Assessment: Conduct security assessments of Android applications and SDKs to identify potential risks.Threat Intelligence: Gather and analyze threat intelligence related to Android malware, exploits, and emerging security trends.Collaboration: Collaborate with security researchers, developers, and other stakeholders to share findings, provide recommendations, and contribute to the development of secure software.Continuous Learning: Stay updated on the latest Android security threats, vulnerabilities, and reverse engineering techniques.Requirements:Hands on Experience with the following:
Analyzing, unpacking, and reverse engineering code of malicious applications or SDKs.
Ability to read, comprehend and analyze source code
Static and Dynamic Analysis Techniques
Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis
Java, Kotlin, JavaScript, Flutter, and other mobile software languages
ELF (Native Binaries) reverse engineering
Query languages such as SQL
Understanding of the following topics
Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an android application is created.
Java and/or Kotlin Programing Language
Techniques utilized by malicious software to harm the user’s device or their data
Mobile App store policies (Ads, PHAs, Developer, etc.)
Network traffic analysis; security fundamentals
Additional:
Development of signatures (Yara, etc.)
Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
Nice to Have:
Experience with Vulnerability Analysis or security code review
Android Software Development Experience
Background / Familiarity with Google Ads or Content moderation
Participation in a Capture the Flag (CTF) for Mobile software
Pentesting, Blue Team, and/or Red Team experience
Professional Experience and Education
Required:
3 - 5+ years experience in one or more of the following: Android Development, Reverse Engineering, Pentesting, Application Security Assessments
Preferred:
Associates/Bachelor’s Degree/master’s in computer science, computer engineering, CS, or information systems, or related discipline.
3 - 5 years of hands on Android App/SDK Reverse Engineering
Company Benefits and Perks:We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
Retirement Plans
Medical, Dental and Vision Coverage
Paid Time Off
Paid Parental Leave
Support for Community Involvement
We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
