iOS Vulnerability Researcher

About The Position

Requirements

• Background in vulnerability research, offensive security and reverse engineering on Apple platforms.
• Developed tools and proof of concepts in a modern programming language such as Python and Rust.
• Skills in debugging and hacking around with low level or other relevant languages such as C, Swift, C++, Objective C, etc.
• Ability to reverse engineer ARM64 binaries using common toolsets such as IDA, Binary Ninja and Frida.
• Interest and a passion in learning new things, taking them apart, and getting stuck into new problems and challenges.

Nice To Haves

• Research on the low-level internals of Apple platforms, including topics such as runtime internals, platform security features and exploit mitigations.
• Reverse engineering and vulnerability research on userland components on Apple platforms including XPC protocols, private frameworks and userland system daemons.
• iOS application reverse engineering and bug hunting, looking for weaknesses, logic bugs and memory corruption issues.
• Kernel or system level software internals and vulnerability research, for example XNU code review or IOKit reverse engineering and exploitation.

Responsibilities

• Identify vulnerabilities in Apple platforms using both static and dynamic analysis techniques.
• Develop Proof-of-Concepts for vulnerabilities identified.
• Use common VR toolsets such as fuzzers, LLMs and reverse engineering tools.
• Utilize custom tooling built in-house and develop your own.
• Present findings in a useful and accessible way to others.
• Refine and hone skillsets through internal and external training and conferences.

Benefits

• 25 days paid vacation + federal holidays
• Annual bonus based on company targets
• Matched 401k scheme up to 4%
• Healthcare, dental and vision cover
• Training and conference budgets
• Employee assistance program
• Company socials throughout the year