Senior Malware Analyst (Android)

About The Position

Requirements

• Bachelor’s or Master’ degree in computer science, computer engineering, information systems or related discipline
• 3 - 5 years of hands-on Android App/SDK Reverse Engineering
• Strong understanding of Android operating system internals, security models, and application lifecycle
• Deep understanding of Android fundamentals: AOSP, app lifecycles, permissions, and architecture
• Strong grasp of mobile app store policies, particularly around Potentially Harmful Applications (PHAs), advertising abuse, and developer policy enforcement
• Experience performing reverse engineering using tools such as JADX, Ghidra, IDA Pro, Apktool, MobSF, and Frida
• Familiarity with Dalvik bytecode, APK/DEX/OAT formats, and JNI interactions
• Experience scripting in Python, Bash, or similar languages for automation
• Experience developing detection logic and malware signatures to assist in automated scanning and threat classification
• Expertise conducting open-source threat research using MITRE ATT&CK, VirusTotal, ExploitDB, and other intelligence platforms
• Proficiency in Java, Kotlin, JavaScript, and mobile frameworks like Flutter
• Familiarity with mobile malware behavior, network traffic analysis, and mobile-specific attack vectors
• Ability to write and analyze source code and leverage scripting (Python preferred) for task automation
• Understanding of secure development principles, security engineering, cryptographic risk, and system hardening

Nice To Haves

• Familiarity with ELF binary reverse engineering
• Exposure to SQL or similar query languages for data analysis
• Background in AI/ML for malware detection or behavioral analysis
• Experience with incident response, threat hunting, or SOC environments
• Strong analytical, interpersonal, and critical thinking skills
• Excellent written and verbal communication abilities, with a knack for conveying technical findings clearly

Responsibilities

• In-Depth Software Analysis: Perform comprehensive analysis of Android apps and SDKs to understand architecture, functionality, and security posture.
• Reverse Engineering: Apply expert-level techniques such as decompilation, disassembly, and dynamic debugging to dissect obfuscated or undocumented code.
• Risk & Threat Identification: Uncover malicious behavior, privacy violations, data exfiltration, and potential exploit vectors across Android platforms.
• Tool Creation & Automation: Build and refine custom tools and scripts to support automated reverse engineering workflows and large-scale analysis.
• Security Assessments: Evaluate the security of mobile applications and SDKs, producing reports and recommendations that align with industry and organizational standards.
• Threat Intelligence: Analyze current and emerging threats, malware trends, and attacker methodologies targeting Android environments.
• Cross-Team Collaboration: Share findings with stakeholders including developers, researchers, and security partners to improve product and platform security.
• Continuous Development : Keep pace with Android platform changes, new threat vectors, and advancements in reverse engineering tools and methodologies.

Benefits

• Highly competitive compensation and best in class benefits
• 100% of medical, vision, dental, and life insurance premiums paid for by SERVISS
• Opportunities for annual performance bonuses, growth incentives, and profit-sharing
• 401(k) retirement plan with 6% dollar for dollar match