Job Title:
Solution Consultant
About Trellix:
Trellix is a global company redefining the future of cybersecurity and soulful work. The company’s comprehensive, open and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com.
Role Overview:
This role will involve analyzing and deconstructing Android applications and SDKs to identify potential security risks and gain insights into their underlying functionality.
We are seeking a highly skilled Android App and SDK Reverse Engineers to join our team. The ideal candidate will have a deep understanding of Android internals, a strong aptitude for reverse engineering techniques, and a passion for unraveling complex software. This role will involve analyzing and deconstructing Android applications and SDKs to identify potential security risks and gain insights into their underlying functionality.
Responsibilities:
Deep Dive Analysis: Conduct in-depth analysis of Android applications and SDKs to understand their codebase, architecture, and functionality.
Reverse Engineering Techniques: Employ advanced reverse engineering techniques to extract information from various codebases, including decompilation, disassembly, and debugging.
Risk Identification: Identify user and device risk, data leakage, and malicious code execution within Android apps and SDKs.
Tool Development: Develop and maintain custom reverse engineering tools and scripts to automate tasks and improve efficiency.
Security Assessment: Conduct security assessments of Android applications and SDKs to identify potential risks.
Threat Intelligence: Gather and analyze threat intelligence related to Android malware, exploits, and emerging security trends.
Collaboration: Collaborate with security researchers, developers, and other stakeholders to share findings, provide recommendations, and contribute to the development of secure software.
Continuous Learning: Stay updated on the latest Android security threats, vulnerabilities, and reverse engineering techniques.
Requirements:
Hands on Experience with the following:
- Analyzing, unpacking, and reverse engineering code of malicious applications or SDKs.
- Ability to read, comprehend and analyze source code
- Static and Dynamic Analysis Techniques
- Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis
- Java, Kotlin, JavaScript, Flutter, and other mobile software languages
- ELF (Native Binaries) reverse engineering
- Query languages such as SQL
Understanding of the following topics
- Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an android application is created.
- Java and/or Kotlin Programing Language
- Techniques utilized by malicious software to harm the user’s device or their data
- Mobile App store policies (Ads, PHAs, Developer, etc.)
- Network traffic analysis; security fundamentals
Additional:
- Development of signatures (Yara, etc.)
- Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
- In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
Nice to Have:
- Experience with Vulnerability Analysis or security code review
- Android Software Development Experience
- Background / Familiarity with Google Ads or Content moderation
- Participation in a Capture the Flag (CTF) for Mobile software
- Pentesting, Blue Team, and/or Red Team experience
Professional Experience and Education
- Required:
- 3 - 5+ years experience in one or more of the following: Android Development, Reverse Engineering, Pentesting, Application Security Assessments
- Preferred:
- Associates/Bachelor’s Degree/master’s in computer science, computer engineering, CS, or information systems, or related discipline.
- 3 - 5 years of hands on Android App/SDK Reverse Engineering
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
- Retirement Plans
- Medical, Dental and Vision Coverage
- Paid Time Off
- Paid Parental Leave
- Support for Community Involvement
We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.