Posted:
6/12/2024, 5:00:00 PM
Location(s):
Austin, Texas, United States ⋅ Texas, United States
Experience Level(s):
Senior
Field(s):
Software Engineering
Job Title:
Technical Team LeadRole Overview:
Technical Team Lead for the Android SDK Risk Team.The Technical Team Lead is responsible for leading, mentoring, and inspiring a team of talented individuals who are passionate about uncovering the inner workings of Android applications. In addition to leading the team, you will conduct reverse engineering, security assessments, and code reviews. You will conduct and assist with complex decompilation, unpacking, code review and malicious mobile software reviews. The goal of the work is to identify families of malware and act on apps and SDKs at scale. You will be responsible for developing static and dynamic signatures for mobile code, binaries, and executable code leading to the detection of a variety of threat types including malware, potentially unwanted programs (PUPs) and advanced persistent threats.
Additionally, you will identify weaknesses in detections and automations and make recommendations for improvements in the detection process and automation pipeline. You are required to write complex reports for consumption of non-technical audiences, review peer reports and assist with investigations.
Requirements:
Leadership Experience:
Experience with leading and mentoring teams on service delivery projects
Defining technical direction, setting goals, and prioritizing tasks for team members
Ensuring service delivery quality objectives are met
Transforming client requirements into successful delivery outcomes
Providing thought-leadership and innovative solutions to improve service delivery
Hands on Experience with the following:
Analyzing, unpacking, and reverse engineering code of malicious applications or SDKs.
Static and Dynamic Analysis Techniques
Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis
Java, Kotlin, JavaScript, Flutter, and other mobile software languages
ELF (Native Binaries) reverse engineering
Query languages such as SQL
Understanding of the following topics
Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an android application is created.
Java and/or Kotlin Programing Language
Techniques utilized by malicious software to harm the user’s device or their data
Mobile App store policies (Ads, PHAs, Developer, etc.)
Ability to read, comprehend and analyze source code
Additional:
Development of signatures (Yara, etc.)
Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
In depth knowledge of security engineering and analysis topics, computer and network security, cryptography, authentication security, rooting, packing, network protocols and interception
Nice to Have:
Experience with Vulnerability Analysis or security code review
Android Software Development Experience
Background / Familiarity with Google Ads or Content moderation
Participation in a Capture the Flag (CTF) for Mobile software
Pentesting, Blue Team, and/or Red Team experience
Professional Experience and Education
Required:
None.
Preferred:
Associates/Bachelor’s Degree/master’s in computer science, computer engineering, CS, or information systems, or related discipline.
3-5 years of hands on Android and reverse engineering
Company Benefits and Perks:
We work hard to embrace diversity and inclusion and encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
We're serious about our commitment to diversity which is why we prohibit discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
Website: https://trellix.com/
Headquarter Location: San Francisco, California, United States
Employee Count: 1001-5000
Year Founded: 2022
IPO Status: Private
Last Funding Type: Venture - Series Unknown
Industries: Cyber Security ⋅ Information Technology ⋅ Network Security