We are hiring security researchers with a special interest in mobile applications. The right candidate enjoys researching new code hardening techniques, creating internal & external educational materials and pentesting mobile applications. Relevant knowledge domains for this position include:
- mobile environment verification (detection of root/jailbreak, debugger, emulator,...),
- advanced static analysis (symbolic execution, program synthesis,... ),
- DBI and anti-DBI techniques,
- state-of-the art control and data flow obfuscation techniques and their relevant components (i.e. all kinds of opaque predicates, code virtualization,...),
- common security issues in typical Android and iOS applications,
To be successful in this role, the ideal candidate should excel in verbal and written communication of complex topics. Creativity and the ability to think out-of-the-box are essential for this role.
We’re expanding an existing team of researchers with similar skills and interests. The team is responsible for providing proof of concepts, research, analysis,... to other more development-oriented engineering teams as well as occasionally the marketing and product departments.
- Good knowledge of either Java, C or C++.
- 3 or more years of experience in either a mobile security domain or obfuscation in general.
- Reverse engineering experience (familiarity with Ghidra, IDA, JEB, Hopper, r2 or similar).
- Experience in dynamic analysis and DBI with e.g. Frida or similar tooling.
- Excellent verbal and written communication skills in English.
- Knowledge of under-the-hood Linux and XNU concepts.
- Previous (academic) experience with code transformation and compilers.
- Mobile application pentesting experience.
- Familiarity with mobile app development (Android, iOS, ProGuard and/or DexGuard,...)
What we offer
- Challenging, interesting and diversified work.
- Opportunity to contribute to industry leading mobile security tooling.
- The opportunity to improve your skills on a personal and a technological level.
- A competitive salary package with benefits.
- An inspiring work environment with smart, driven colleagues.
Guardsquare is the leader in mobile application protection. More than 700 customers worldwide, across all major industries, rely on Guardsquare to secure their mobile applications against reverse engineering and hacking. Built on the open source ProGuard technology, Guardsquare software integrates transparently in the development process and adds multiple layers of protection to Android (DexGuard) and iOS (iXGuard) applications, hardening them against both on-device and off-device attacks. With the addition of ThreatCast, Guardsquare’s mobile application security console, the organization offers the most complete mobile security solution on the market today. Guardsquare is based in Leuven, Belgium with offices in Boston, MA, USA, Ottawa, Canada and Munich, Germany.
Become our colleague!
Send us your CV and why you are interested in this job.