Android App Malware Reverse Engineer (Remote)

It's our mission, plain and simple. It drives everything we do - from research to client work to community involvement. And it unifies our global team into an elite force with integrity, fierce passion, and relentless creativity that doesn't just \"push the envelope\" or \"think outside the box.\" We shred the envelope, crush the box, and we have fun doing it. We are always looking for people who share our mission to join us.

About IOActive: IOActive, a trusted partner for Global 1000 enterprises, provides research‑fueled security services across all industries. Our cutting‑edge cybersecurity teams provide highly specialized technical and programmatic services including full‑stack penetration testing, program efficacy assessments, and hardware hacking. IOActive brings a unique attacker's perspective to every engagement to maximize cybersecurity investments and improve the security posture and operational resiliency of our clients. Founded in 1998, IOActive is headquartered in Seattle with global operations, including state‑of‑the‑art hardware hacking labs in Seattle, WA, Madrid, Spain and Cheltenham, UK.

Who You Are: An IOActive Android App Malware Reverse Engineer leverages their skills to make conclusive statements about specific security and privacy questions asked about selected Android Apps, as part of an effort to keep third‑party app stores safe. The candidate will be working at the highest escalation level, only handling engaging, challenging questions that could not be answered by lower malware analysis tiers. The candidate will be part of a structured team, working with Technical Project Managers and Team Leads. The nature and scale of the work ensures a fast‑paced, dynamic and engaging environment, with a strong opportunity of further technical growth and training on the job.

• Reverse engineering of Android apps
• Java‑based apps
• Native code is a strong plus
• Work with the Android platform and its security mechanisms
• Conduct vulnerability assessments and penetration testing
• Ability to work independently under deadline
• Knowledge of security‑related topics, such as authentication, entitlements, identity management, data protection, data leakage prevention, validation checking, encryption, hashing, principle of least privilege, software attack methodologies, secure data transfer, secure data storage
• Rigorous attention to detail and strong analytic skills
• Ability to write test plans based upon initial impressions and discussions with the team
• Comfortable navigating large codebases with minimal guidance
• Excellent command of written and spoken English
• Comfortable working as part of a multinational and multidisciplinary team
• Logical and structured approach to projects
• 3-5 years or more of relevant work experience in a high‑paced, enterprise consulting environment

• A chance to work with an industry leader in cybersecurity
• Access to world‑class technical teams and research
• A high‑energy, collaborative team that values innovation
• Opportunities for travel
• Competitive compensation and performance‑based incentives

If this sounds like your kind of challenge, we'd love to hear from you. Let's talk! This is a remote position so salary will be based on local market rates.

We have over 25 years of experience that is established and stable; yet high‑growth with the energy, passion and dynamic work environment of a startup. We are renowned for our innovation and thought leadership within our high‑profile, cutting edge space. We're one of \"the good guys\" doing crazy cool stuff to thwart bad guys in a critically important business, social and political arena. Our work is great fun with great importance. Above all else, we value our people and our customers. Relationships matter.

IOActive is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws. This policy applies to all employment practices within our organization, including hiring, recruiting, promotion, termination, layoff, recall, leave of absence, compensation, benefits, training, and apprenticeship. IOActive makes hiring decisions based solely on qualifications, merit, and business needs at the time.