Android App Malware Reverse Engineer (Remote)

IOActive

Tempo integralworldwideBased on local market rates
Android Java ReverseEngineering SecurityAnalysis MalwareAnalysis Encryption Hashing PrincipleOfLeastPrivilege SecureDataTransfer SecureDataStorage VulnerabilityAssessment PenetrationTesting Documentation TechnicalReports

Company Overview

IOActive is a trusted partner for Global 1000 enterprises, providing research-fueled security services across all industries. Founded in 1998 and headquartered in Seattle, IOActive offers cutting-edge cybersecurity teams that deliver highly specialized technical and programmatic services including full-stack penetration testing, program efficacy assessments, and hardware hacking. The company brings a unique attacker’s perspective to every engagement to maximize cybersecurity investments and improve the security posture and operational resiliency of clients. IOActive operates globally with state-of-the-art hardware hacking labs in Seattle, WA, Madrid, Spain, and Cheltenham, UK.

Job Title

Android App Malware Reverse Engineer (Remote)

Remote Location

Remote - United Kingdom, Brazil, Italy, Germany, Ireland, Poland, Romania, Czechia

Job Overview

An IOActive Android App Malware Reverse Engineer leverages their technical skills to make conclusive statements about specific security and privacy questions regarding selected Android Apps, as part of an effort to keep third-party app stores safe. The position involves working at the highest escalation level, handling only engaging and challenging questions that could not be answered by lower malware analysis tiers. The candidate will join a structured team, working with Technical Project Managers and Team Leads in a fast-paced, dynamic, and engaging environment with strong opportunities for technical growth and on-the-job training.

Job Responsibilities

  • Perform reverse engineering of Android applications with a focus on security analysis
  • Analyze Java-based applications for security vulnerabilities and privacy concerns
  • Examine native code within Android applications (strong plus)
  • Work extensively with the Android platform and its security mechanisms
  • Conduct comprehensive vulnerability assessments on mobile applications
  • Execute penetration testing specifically targeting Android apps and environments
  • Evaluate security and privacy questions to keep third-party app stores safe
  • Document findings and provide detailed technical reports to stakeholders

Requirements

  • 3-5 years or more of relevant work experience in a high-paced, enterprise consulting environment
  • In-depth knowledge of security-related topics including authentication, entitlements, identity management, data protection, and data leakage prevention
  • Understanding of validation checking, encryption, hashing, and principle of least privilege
  • Familiarity with software attack methodologies, secure data transfer, and secure data storage
  • Rigorous attention to detail and strong analytical skills
  • Ability to write test plans based on initial impressions and discussions with the team
  • Comfortable navigating large codebases with minimal guidance
  • Excellent command of written and spoken English
  • Ability to work independently under deadline pressure
  • Comfortable working as part of a multinational and multidisciplinary team
  • Logical and structured approach to projects

Preferred Qualifications

  • Experience with native code analysis in Android applications
  • Prior experience in malware analysis at senior levels
  • Knowledge of third-party app store security requirements

Benefits

  • Opportunity to work with an industry leader in cybersecurity
  • Access to world-class technical teams and research
  • High-energy, collaborative team environment that values innovation
  • Opportunities for travel
  • Competitive compensation and performance-based incentives
  • Remote work flexibility with salary based on local market rates

Why Join IOActive

With over 25 years of established experience, IOActive offers the stability of a mature company combined with the energy, passion, and dynamic work environment of a startup. The company is renowned for innovation and thought leadership in the high-profile, cutting-edge cybersecurity space. IOActive is committed to doing meaningful work that matters—thwarting bad actors in a critically important business, social, and political arena. Above all else, IOActive values its people and customers, believing that relationships matter.

Equal Opportunity Employer

IOActive is an equal opportunity employer committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. IOActive makes hiring decisions based solely on qualifications, merit, and business needs at the time.

How to Apply

If this sounds like your kind of challenge, we'd love to hear from you. Submit your application to join our elite team of cybersecurity professionals and help make the world a safer and more secure place.