RCT is currently sourcing iOS and/or Android Vulnerability Researchers to research and evaluate mobile devices. Our customer wants to know how iOS and Android mobile devices work and behave when broken and what cyber security technology must be implemented to secure a mobile device.
The iOS or Android Vulnerability Analyst will possess:
- A solid working knowledge of cyber security for mobile devices.
- An extensive understanding of iOS and/or Android internals.
- Software development experience using Swift and Objective-C, and C/C++.
- Knowledge of common vulnerability classes such as: Overflows, Use after Free, Information Disclosure, and Race Conditions.
Desired skills/experience (combination of the following):
- Minimum two (2) years’ related work experience
- Bachelor’s degree OR equivalent experience and education.
- Active TS/SCI clearance with ability to obtain a lifestyle poly.
- Darwin kernel internals (mach, libkern, and I/O kit).
- Safari or Chrome internals.
- Xcode and instruments.
- Developing embedded systems.
- Debuggers such as WinDBD, DDMS, or gdb.
- Reverse engineering tools such as IDA Pro, HexRays, Binary Ninja, or objdump.
- Jailbreaking iOS or Android devices.
- Knowledge of iOS or Android application and core frameworks.
- Knowledge of iOS or Android keychain.
- Knowledge of iOS or Android filesystem idiosyncrasies.
- Knowledge of iOS or Android security model (secure boot chain, secure enclave, code signing, data at rest encryption).
- Knowledge of ARMv8a 64-bit.
- Knowledge of network protocols (TCP/IP stacks, RF communications, routing protocols).
- Understanding of exploit mitigations (ASLR, W^X, and code signing).
RCT Systems is an Equal Employment Opportunity Employer. Qualified applicants will receive consideration for employment without regards to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.