Send me more jobs like this

Mobile Security Researcher

Keywords / Skills : iOS, Android security, implementation, mitigation control, Mobile Security Researcher, Syzkaller, Difuze

0 - 0 years
Posted: 2018-05-16

Job Description
Mobile Security Researcher

This is an exciting role responsible for discovering and exploiting vulnerabilities affecting high profile off-the-shelf and commercial applications and appliances. The work includes bug hunting, reverse engineering, vulnerability analysis, exploitation and tool development.

Primary Responsibilities:
  • Conduct zero-day vulnerability research on iOS or Android platform at user and kernel space. 
  • Build in-house fuzzer and/or leverage on open-source fuzzing frameworks, such as AFL, Syzkaller and Difuze, for fuzzing 
  • Assess if identified vulnerabilities are exploitable and determine the root-cause, using reverse engineering techniques such as static and dynamic binary analysis 
  • Develop proof of concept exploits to reproduce and demonstrate the impact of vulnerabilities 
  • Write summary and technical reports on new vulnerabilities 
  • Document and enhance the research framework, methodology and processes 

Desired Traits: 

  • A drive to succeed and a passion for low-level security, vulnerabilities and exploits 
  • A keen eye for detail and a persistent attitude to explore all avenues 
  • Able to work collaboratively in a team environment while also being self-motivated to effectively work independently. 
  • Organized thinking and excellent problem-solving with the ability to think "out of the box" 
  • B.S degree in Computer Science, Computer Engineering or a related field preferred 
  • Knowledge of iOS/Android security frameworks – their implementation and mitigation controls 
  • Keep up-to-date with the latest security vulnerabilities (e.g. reported CVEs), their impact and exploitation techniques 
  • Hands-on experience with open-source fuzzing frameworks, such as Syzkaller and Difuze, is a plus 
  • Demonstrated experience in researching vulnerabilities or participating in bug bounty programs or other security related activities is advantageous 
  • Senior and entry-level positions available 

About Company

At Xerodaylabs, a division of D’Crypt, you will get to perform zero-day vulnerability research with a dynamic team of security researchers from diverse backgrounds with distinguished credentials and experience, in a highly collaborative environment.

We specialize in providing knowledge of software vulnerabilities to our customers as well as research cutting-edge tools to power the vulnerability discovery, analysis and exploitation process.
Similar Jobs
View All Similar Jobs

Walkin for you