Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Research Engineer - Cyber Security R & D (Static or Dynamic)

P

Provision People

Research Engineer - Cyber Security R & D (Static or Dynamic)

National
Full Time
Paid
Similar Jobs
  • Responsibilities

    Summary:

    Our award-winning client is looking for a Research Engineer to assist with the design and development of automated security analysis solutions for Android and iOS.

     

    Do NOT need any mobile (iOS or Android) experience, the client will teach mobile skills

     

    Responsibilities:

    • Problem-solving skills in a closely related area to software analysis and security testing.

    • Ability to present and move between details and the big picture.

    • Understanding the limits and the tradeoffs of the core problems we face at a fundamental level.

    • Ability to think systematically through a new problem comes up with and follow a research plan.

    • Ability to handle open-ended, non-SWE, problems.

    • Ability to implement solutions.

    • Develop novel tools for identifying potential security weaknesses and threat vectors in mobile apps and firmware.

    • Research emerging trends in the mobile application security landscape, e.g., as outlined in the National Institute of Standards and Technology (NIST) and National Information Assurance Partnership (NIAP) security standards.

    • Develop automated mobile security and privacy vetting solutions, including vulnerability identification and static/dynamic bitcode and native code analysis.

     

    Experience with at least one of the following:

    • Implemented an analysis to identify calls to sensitive APIs in iOS apps.

    • Implemented an analysis to detect PII leakages at runtime.

    • Implemented an analysis in WALA to abstract Java Bytecode traces into NLP-like sentences and detect missing nullity checks.

    • Implemented an analysis to detect OWASP Top 10 in Android/iOS apps.

    • Implemented an analysis to identify bugs at the source or binary level that match a given behavioral profile.

    • Implemented an analysis to separate library code from core code.

     

    Additional Skills Desired:

    • Bachelor or Master’s degree in Computer Science or related fields.

    • Desired Languages: Python, Java, C/C++, Shell Script, Objective C, Swift,

    • Sample Technologies (we just need strengths in 1 of these): Wala, Soot, Angr, Dyninst, Binary Ninja, IDA Pro, radare2, Phasar, LLVM IR, VAX

    • Familiarity with automated static and dynamic software analysis techniques.

    • R&D background in automated software security testing or a related field is a huge plus.

    • Familiarity with Android/iOS OS internals is a huge plus.