Android Reverse Engineer

About Us: CirrusLabs is a leading consulting firm based in Alpharetta, GA, specializing in delivering innovative technical solutions to clients across various industries. We are committed to excellence, agility, and exceeding customer expectations. As we continue to grow, we are seeking a highly skilled Senior Technical Delivery Manager to join our team.

Job: Android Reverse Engineer

Mode: Hybrid, 3 days a week for now but can be fully on site and they should be ready to go onsite

Location: Austin TX, San Jose CA, Bothell WA

Duration: 2 year project

The Android Malware Reverse Engineers will conduct reverse engineering, security assessments, and code reviews. You will conduct and assist with complex decompilation, unpacking, code review and malicious mobile software reviews. The goal of the work is to identify families of malware and act on apps at scale. You will be responsible for developing static and dynamic signatures for mobile code, binaries, and executable code leading to the detection of a variety of threat types including malware, potentially unwanted programs (PUPs) and advanced persistent threats.

Additionally, you will identify weaknesses in detections and automations and make

recommendations for improvements in the detection process and automation pipeline. You are

required to write complex reports for consumption of non-technical audiences, review peer reports

and assist with investigations.

Requirements:

Hands on Experience with the following:

Analyzing, unpacking, and reverse engineering code of malicious applications or SDKs.

Static and Dynamic Analysis Techniques

Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis

Java, Kotlin, JavaScript, Flutter, and other mobile software languages

ELF (Native Binaries) reverse engineering

Query languages such as SQL

Understanding of the following topics

Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an android application is created.

Java and/or Kotlin Programing Language

Techniques utilized by malicious software to harm the user's device or their data

Mobile App store policies (Ads, PHAs, Developer, etc.)

Ability to read, comprehend and analyze source code

Additional:

Development of signatures (Yara, etc.)

Research on threats such as APT using Open-Source Intelligence (Virus Total, Web,

ExploitDB, MITRE, etc.)

In depth knowledge of security engineering and analysis topics, computer and

network security, cryptography, authentication security, rooting, packing, network

protocols and interception

Nice to Have:

Experience with Vulnerability Analysis or security code review

Android Software Development Experience

Background / Familiarity with Content moderation

Participation in a Capture the Flag (CTF) for Mobile software

Pentesting, Blue Team, and/or Red Team experience

Professional Experience and Education

Associates/Bachelor's Degree/master's in computer science, computer engineering, CS, or information systems, or related discipline.

3-5 years of hands on Android and reverse engineering