Description :

Role Overview :

We are seeking an iOS Security Research Engineer with strong knowledge of iOS internals and hands-on experience in reverse engineering, application security testing, and vulnerability research. This role focuses on identifying weaknesses in iOS applications and the platform, bypassing security controls, and researching advanced exploitation techniques.

Key Responsibilities :

- Perform reverse engineering of iOS applications (IPA) using static and dynamic techniques

- Conduct iOS application penetration testing, including runtime hooking, method swizzling, and network traffic analysis

- Analyze and bypass common iOS security mechanisms such as SSL pinning, jailbreak detection, anti-debugging, and code obfuscation

- Research iOS internals including Objective-C/Swift runtime, Mach-O binaries, entitlements, code signing, and sandboxing

- Perform malware analysis of iOS samples and suspicious applications (good to have)

- Use, extend, and develop tooling for dynamic instrumentation and runtime analysis

- Replicate and study publicly known iOS vulnerabilities and exploits

- Participate in vulnerability research and exploitation, including logic flaws, sandbox escape concepts, exploit chaining, and basic memory corruption

- Produce detailed security research reports and proof-of-concepts

Must-Have Skills :

- Strong understanding of iOS fundamentals and iOS internals

- Proven experience in reverse engineering iOS applications

- Strong hands-on knowledge of iOS application penetration testing

- Experience replicating known iOS exploits and vulnerability PoCs

- Practical understanding of sandbox escape concepts and techniques

- Familiarity with exploit chaining in iOS attack scenarios

- Hands-on experience working with Corellium iOS environments

- Hands-on experience bypassing :

a. SSL pinning

b. Jailbreak detection

c. Runtime protections and anti-debugging

- Experience with runtime hooking and method swizzling

- Familiarity with tools including (but not limited to) :

a. Frida

b. Objection

c. Burp Suite

d. Metasploit

e. Xcode

f. class-dump / class-dump-z

g. lldb

- Basic familiarity with exploitation techniques and vulnerability research

Good-to-Have Skills :

- Experience with iOS malware analysis

- Hands-on experience with :

a. Jailbreaking iOS devices

b. Working in jailbroken environments and developing tweaks

- Familiarity with ARM64 architecture and Mach-O binary format

- Scripting skills (Python, JavaScript for Frida, Bash)