Reverse Engineer Android Apps & SDKs

Role Overview: As an Android Reverse Engineer (Mid/Senior Level), you will be responsible for dissecting Android apps and SDKs to uncover vulnerabilities and provide actionable insights to strengthen mobile ecosystem security. Your role will involve deep hands-on experience in reverse engineering, malware analysis, static/dynamic analysis, and tool development. You must possess an analytical mindset and curiosity for understanding the complexities of mobile software below the surface. Key Responsibilities: - Perform in-depth static and dynamic analysis of Android applications and SDKs, including obfuscated and packed binaries. - Utilize tools such as Ghidra, Jadx, IDA Pro, Frida, Burp Suite, Objection, and Xposed for reverse engineering APKs and native libraries (ELF binaries). - Analyze app logic, SDK integrations, and network behavior to identify data leaks, malicious code, privacy violations, and potential exploitation vectors. - Assess apps for compliance with Google Play policies and security best practices. - Develop and maintain custom tools and scripts for automated analysis, unpacking, and threat detection. - Write signatures (YARA, Sigma) and contribute to internal detection frameworks. - Monitor emerging malware families, exploitation techniques, and Android threat trends. - Collaborate with researchers and developers to report findings and remediation measures. - Continuously learn and stay updated on Android OS internals and security evolutions. Qualification Required: - 4 to 7 years of hands-on experience in Android reverse engineering or mobile malware analysis. - Expert knowledge of Android internals, AOSP, app architecture, and security model. - Strong experience with Jadx, Ghidra, IDA Pro, Frida, Objection, MobSF. - Familiarity with ELF binary analysis and ARM/ARM64 assembly. - Proficiency in Java, Kotlin, C/C++, JavaScript, and ideally Flutter/Dart. - Strong understanding of network analysis, interception proxies (Burp, mitmproxy), and cryptography fundamentals. - Knowledge of malware techniques, exploit methods, and mobile security frameworks (OWASP MASVS, MSTG). - Ability to write YARA rules and heuristic signatures. - Participation in CTFs or bug bounty programs related to mobile security. - Familiarity with Google Play policies, Red/Blue Team operations, or forensics. - Threat Intelligence: VirusTotal, Hybrid Analysis, MITRE ATT&CK, Malpedia.,