Android Malware Reverse Engineer

Join our innovative team to develop disruptive solutions transforming secure mobility for Federal and Commercial customers. Our innovative solution puts the power and speed of the cloud on any mobile device to enable users access to critical data and apps through a separate, secure virtual workspace. From commercial IP to national security level intel, Hypori protects data from every type of threat with zero data at rest. You can learn more about Hypori at https://hypori.com/. At Hypori, we believe top talent deserves top benefits and a challenging yet rewarding work environment. We are committed to creating an inclusive workplace for our employees and customers that embrace our differences and perspectives – making us a stronger, more successful company.

Role Overview:
The Team is seeking a qualified reverse engineer with experienced technical skills to analyze Android and IOS apps as well as phone-based malware and perform technical research to support customer requests, incident response cases, and other internal Hypori teams.

The Android Malware Reverse Engineers will conduct reverse engineering, security assessments, code reviews, complex decompilation, unpacking, code review and malicious mobile software reviews. The goal of the work is to identify development flaws and injection points for malware and take action on apps at scale.

You will be responsible to develop static and dynamic signatures for mobile code, binaries, and executable code leading to the detection of a variety of threat types including malware, potentially unwanted programs (PUPs) and advanced persistent threats.

Responsibilities:
•    Provide timely identification and summarization of threats to the App and customers.
•    Respond to technical questions by other teams for inclusion of security.
•    Continually improve our malware-analysis and security pipeline workflow.
•    Extract configuration data from app malware using in-house tools and manual analysis.
•    Track relations between new threats and existing actors using in-house or specialized tools.
•    Contribute to active mitigation efforts and support incident response engagements with malware analysis capabilities and technical expertise.
•    Document threat evolutions and intelligence gaps for the broader Intelligence Team.

Requirements:
•    Hands on Experience with the following:
•    Java, Android, cellular Telecom device application, app development.  
•    Review malicious applications and SDKs by analyzing, unpacking and reverse engineering software that compromises Android devices.
•    Static and Dynamic App Analysis.
•    Experience with Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis.
•    Code reviews for security policy violations, vulnerabilities, or improper coding practices.
•    Experience with Java, Kotlin, JavaScript, Python, and other mobile software languages.
•    In depth understanding of Android Internals in regard to app use and development.
•    Mobile Device Programing Languages.
•    Techniques utilized by malicious software to tamper with user devices and make removal more difficult.
•    Android Security Topics.
•    Mobile App store policies (Ads, PHAs, Developer, etc.).
•    Ability to read, comprehend and analyze source code software.

Required skills:
•    Team player: someone who is eager to help, teach, and learn from others.
•    Malware analysis experience.
•    Strong critical thinking skills.
•    Ability to express complex technical and non-technical concepts.
•    Ability to learn new analysis techniques quickly, especially when faced with less-common file types.
•    Knowledge of programming and scripting languages, in particular Python and Java.
•    Development of signatures (Yara, etc.).
•    Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.).
•    In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception.

Preferred skills:
•    In-depth knowledge of Windows and UNIX-based platforms.
•    Experience in binary instrumentation.
•    Experience identifying and classifying malicious tooling through development of signatures that can be used for tracking and hunting purposes.
•    A background in intelligence is a plus.

Education:
•    Associates/Bachelor’s Degree/master’s in computer science, computer engineering, CS, or information systems, or related discipline.
•    3-5 years of direct Android and reverse engineering.
•    In depth understanding and experience in Android internals.
•    OJT experience and professional certifications required.

#BI-Remote

Hypori Inc. provides a great and generous benefits package to include medical, dental and vision, PTO, and life & disability packages. We also invest in our employees' futures by providing, technical training, tuition reimbursement, a 401k plan with employer matching contribution with vesting starting from DAY 1, and much, much more.

Hypori Inc. is an equal opportunity employer. We are committed to providing equal opportunity to all applicants and employees in full compliance with all applicable state and federal laws prohibiting discrimination on the basis of race, color, age, gender, religion, national origin, disability, sexual orientation, and gender identity protected veteran status and individuals with disabilities, or any other class protected by applicable state or federal law.

A Veteran Friendly Organization

#Hypori

#BI-Remote