Reverse Engineer (Android)

Job Title:

About Trellix  
Trellix is a global company redefining the future of cybersecurity. The company’s comprehensive, open, and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com.

Role Overview:

In support of our global Android Reverse Engineering program, we seek highly skilled Android App and SDK Reverse Engineers to join our team.  This role will involve analyzing and deconstructing Android applications and SDKs to identify potential security risks and gain insights into their underlying functionality.

Trellix is a global company redefining the future of cybersecurity. The company’s comprehensive, open, and native cybersecurity platform helps organizations confronted by today’s most advanced threats gain confidence in the protection and resilience of their operations. Trellix, along with an extensive partner ecosystem, accelerates technology innovation through artificial intelligence, automation, and analytics to empower over 50,000 business and government customers with responsibly architected security. More at https://trellix.com.

• Deep Dive Analysis: Conduct in-depth analysis of Android applications and SDKs to understand their codebase, architecture, functionality and to identify potential risks.

• Reverse Engineering Techniques: Employ advanced reverse engineering techniques to extract information from various codebases, including decompilation, disassembly, and debugging.

• Risk Identification: Identify user and device risk, data leakage, and malicious code execution within Android apps and SDKs.

• Threat Intelligence: Gather, analyze and report threat intelligence related to Android malware, exploits, and emerging security trends.

• Collaboration: Collaborate with security researchers, developers, and other stakeholders to share findings, provide recommendations, and contribute to the development of secure applications and ecosystem.

• We require a minimum of 3 - 5+ years of expertise in one or more of the following: Android Development, Reverse Engineering, Pentesting, Application Security Assessments, Capture the Flag (CTF).

• Our Android Reverse Engineering Program also requires hands on experience with the following:

  • Analyzing, unpacking, and reverse engineering code of malicious applications or SDKs.

  • Static and Dynamic Analysis Techniques

  • Reverse Engineering tools such as Jadx, Ghidra, Frida, IDA Pro, Burp, to perform binary and APK analysis

  • Java, Kotlin, JavaScript, Flutter, and other mobile software languages

  • ELF (Native Binaries) reverse engineering

  • Development of signatures (SQL, Yara, etc.)

• An understanding of the following topics will be greatly appreciated and utilized:

  • Android Fundamentals such as Android activity lifecycles, common Android API usage, AOSP, and how an Android application is created.

  • Techniques utilized by malicious applications to harm the user’s device or their data

  • Mobile App store policies (Ads, PHAs, Developer, etc.)

  • Network traffic analysis; security fundamentals

  • Research on threats such as APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)

  • Encoding and Cryptography 

  • Authentication mechanisms and security

  • Device rooting

  • Complex frameworks and application packers

Company Benefits and Perks:

We believe that the best solutions are developed by teams who embrace each other's unique experiences, skills, and abilities. We work hard to create a dynamic workforce where we encourage everyone to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.

• Retirement Plans

• Medical, Dental and Vision Coverage

• Paid Time Off

• Paid Parental Leave

• Support for Community Involvement

We're serious about our commitment to a workplace where everyone can thrive and contribute to our industry-leading products and customer support, which is why we prohibit discrimination and harassment based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.

Our Commitment to You:

At Trellix, we are committed to creating a safe and trustworthy experience for our customers, employees, and candidates. Please be aware that fraudulent recruiting activity can occur through fake job postings or impersonated communications.

Trellix conducts interviews through professional channels only and does not use text messages, instant messaging, or group chats for interviews. We will never request sensitive personal information—such as your date of birth, Social Security number, or national ID number—during the interview process.

Trellix also does not require candidates to pay fees, purchase products or services, or process payments of any kind as part of the recruiting or hiring process. And Trellix will never keep any original work authorization documents that we may be required to review during the hiring process.