Android Vulnerability Researcher
About The Position
Android Vulnerability Researcher Key Role: D eliver production-grade offensive capabilities that directly enable strategic intelligence collection and cyber effects missions. Discover and operationalize previously unknown vulnerabilities across the Android ecosystem, conducting advanced research on AOSP, OEM implementations, and trusted execution environments. Develop reliable exploits targeting user applications, system components, kernel, TrustZone, and baseband subsystems while engineering persistent CNO implants and infrastructure. Hold responsibilities for large-scale reverse engineering of closed-source binaries, bypassing modern mitigation. Author comprehensive technical documentation, contributing to capability roadmaps and emerging tradecraft, and leveraging AI and LLM-powered tooling to accelerate vulnerability discovery and exploit development.
Requirements
- 3+ years of experience with conducting vulnerability research, reverse engineering, or exploit development
- Experience with C, C++, Python, Java or Kotlin, and Android NDK and SDK
- Experience using IDA Pro, Ghidra, Binary Ninja, gdb, LLDB, Jadx, or Frida
- Experience in successfully discovering and exploiting vulnerabilities
- Experience defeating kernel hardening, sandboxing, and attestation mechanisms
- Experience with GitLab CI/CD for implant build pipelines
- Knowledge of ARM64 architecture and AArch64 assembly
- Ability to achieve code execution in ring-0 and TrustZone contexts
- TS/SCI clearance with a polygraph
- HS diploma or GED
- Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; TS/SCI clearance with polygraph is required.
Nice To Haves
- Experience with publishing research or tools in the offensive security community
- Experience providing operational support to IC or DoD cyber mission forces
- Experience contributing to mobile exploit frameworks or public Common Vulnerabilities and Exposures (CVE) discoveries
Responsibilities
- Deliver production-grade offensive capabilities that directly enable strategic intelligence collection and cyber effects missions.
- Discover and operationalize previously unknown vulnerabilities across the Android ecosystem, conducting advanced research on AOSP, OEM implementations, and trusted execution environments.
- Develop reliable exploits targeting user applications, system components, kernel, TrustZone, and baseband subsystems while engineering persistent CNO implants and infrastructure.
- Hold responsibilities for large-scale reverse engineering of closed-source binaries, bypassing modern mitigation.
- Author comprehensive technical documentation, contributing to capability roadmaps and emerging tradecraft, and leveraging AI and LLM-powered tooling to accelerate vulnerability discovery and exploit development.
Benefits
- health
- life
- disability
- financial
- retirement benefits
- paid leave
- professional development
- tuition assistance
- work-life programs
- dependent care
- recognition awards program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED
Number of Employees
1-10 employees
