Android Security Research Engineer

Role Overview :

We are looking for an Android Security Research Engineer who is passionate about understanding Android internals, breaking application and platform defenses, and conducting deep vulnerability research at both the application and system level. The ideal candidate has strong hands-on experience in reverse engineering, mobile application pentesting, exploit analysis, and security research, with exposure to kernel- and framework-level attack surfaces.

Key Responsibilities :

- Perform reverse engineering of Android applications (APK/AAB) to identify security flaws, logic issues, and weak security implementations

- Conduct Android application penetration testing, including runtime manipulation, hooking, and traffic interception

- Analyze and bypass common mobile security controls such as SSL pinning, root detection, anti-debugging, tamper protection, and obfuscation

- Research Android internals including the Android framework, ART/Dalvik runtime, system services, Binder IPC, and permission model

- Perform dynamic and static analysis of Android malware and suspicious applications (good to have)

- Develop, customize, and maintain Frida scripts, Objection workflows, and custom tooling for security research

- Replicate and analyze publicly known Android vulnerabilities and exploits to understand root causes and impact

- Assist in vulnerability research and exploitation, including logic flaws, exploit chaining, and basic memory corruption concepts

Must-Have Skills :

- Strong understanding of Android fundamentals and Android internals (framework and system architecture)

- Hands-on experience with Android kernel concepts and attack surface awareness

- Proven experience in reverse engineering Android applications

- Strong hands-on knowledge of Android application penetration testing methodologies

- Experience replicating and analyzing known Android exploits and adapting PoCs

- Familiarity with exploit chaining concepts in mobile attack scenarios

- Hands-on experience working with Corellium Android environments for security research and testing

- Practical experience bypassing :

• SSL pinning
• Root detection
• Anti-debugging and runtime protections

• ADB
• Android Studio
• Frida
• Objection
• Pidcat
• Burp Suite
• Metasploit

- Experience with Android malware analysis

• Bootloader unlocking
• Rooting Android devices
• Custom ROMs or recovery environments