Back to all jobs

Mobile Security and Vulnerability Engineer, Lead

Booz Allen

Jul 13

Mobile Security and Vulnerability Engineer, Lead

Key Role:

Leverage knowledge of technical work and expertise in problem-solving to tackle challenging, mission-critical projects that have a direct impact on national security and criminal investigations. Leverage expertise in software reverse engineering and vulnerability on embedded platforms, including Android and iOS, to discover security flaws, data leakages, and code exploitation vulnerabilities. Analyze proof of concept code and document discoveries for an internal knowledge base that will assist the intelligence community. Serve as a part of an experienced and diverse reverse engineering team working on cutting-edge technologies.

Basic Qualifications:

-3+ years of experience with vulnerability research, including reverse engineering or exploit development

-Experience with binary reverse engineering

-Experience with active debugging software, including Windbg, LLDB, GDB, or OllyDbg

-Knowledge of common processor architectures, including x86 and x64

-Ability to review source code and identify vulnerabilities

-Ability to work independently and with a team of reverse engineers, exploit developers, and software engineers

-Top Secret Clearance

-HS diploma or GED

Additional Qualifications:

-Experience with performing vulnerability research via source code review or fuzzing

-Experience with reverse engineering mobile platforms, including iOS and Android

-Experience with identifying and exploiting memory corruption bugs, including stack and heap overflows and with bypassing common exploit mitigation techniques, including ASLR or stack cookies

-Experience with software development in C/C++, C#, Java, or Python

-Experience with binary file format reverse engineering

-Experience with analyzing networking traffic, including using software, including Wireshark, Burp Suite, MITM, or related software

-Knowledge of basic cryptography concepts and common weaknesses

-Knowledge of penetration testing techniques on mobile and Web platforms, including session hijacking, cross-site scripting, or SQL injection

-Top Secret clearance

-Bachelor’s degree

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information; Top Secret clearance is required.

We’re an equal employment opportunity/affirmative action employer that empowers our people to fearlessly drive change – no matter their race, color, ethnicity, religion, sex (including pregnancy, childbirth, lactation, or related medical conditions), national origin, ancestry, age, marital status, sexual orientation, gender identity and expression, disability, veteran status, military or uniformed service member status, genetic information, or any other status protected by applicable federal, state, local, or international law.

#LI-Remote