Key Responsibilities
- Research and analyze advanced detection bypass techniques (e.g., rooting, hooking, and runtime application/system tampering) to assess threats to our detection systems.
- Evaluate and reverse-engineer tools and frameworks used to attack or evade our products, documenting findings and attack vectors.
- Lead and participate in structured brainstorming sessions to generate novel detection ideas and countermeasures.
- Help design, prototype, and implement new detection techniques and algorithms for different operating systems.
- Help develop, maintain, and improve internal tooling and automation to accelerate analysis, triage, and detection development.
- Perform and contribute to internal penetration testing and adversary emulation of newly introduced security features to validate effectiveness.
- Conduct thorough code reviews and technical reviews of detection-related contributions to ensure quality, maintainability, and correctness.
Required Skills & Experience
- Proven ability to collaborate effectively within a team environment, including forming and leading focused sub-groups to deliver specific project features or research objectives.
- Proficiency in reverse engineering using tools such as IDA Pro, Ghidra, or equivalent, including experience writing scripts, leveraging their SDKs, and isolating and reporting technical issues.
- Solid programming experience in C, C++, Python and Java, with the ability to produce efficient, maintainable, and secure code.
- Good knowledge of the ELF and Mach-O file formats and a good general understanding of how to consult the official documentation.
- Familiarity with the LLVM framework is considered a plus.
- Knowledge of code obfuscation and de-obfuscation techniques, along with awareness of community tools and methodologies in this area, is a valuable asset.
What We Do
Zimperium provides the only mobile security platform purpose-built for enterprise environments. With machine learning-based protection and a single platform that secures everything from applications to endpoints, Zimperium's solution provides on-device mobile threat defense to protect growing and evolving mobile environments.
Our solutions include zIPS, which runs locally on any mobile device and detects cyberattacks without a connection to the cloud, and our first-of-its-kind Mobile Application Protection Suite (MAPS), a comprehensive solution that helps organizations protect their mobile apps throughout their entire life cycle.
Zimperium’s MAPS is comprised of four solutions that help enterprises to build secure and compliant mobile applications. It is the only unified solution that combines comprehensive in-app protection with centralized threat visibility.
- zScan: Helps your mobile app development organization to discover and fix compliance, privacy, and security issues within the development process before you publicly release your apps.
- zKeyBox: Protects your secrets and keys so they cannot be discovered, extracted, or manipulated.
- zShield: Protects the source code, intellectual property (IP), and data from potential attacks like reverse engineering and code tampering.
- zDefend: Is an SDK embedded in apps to help detect and defend against device, network, phishing, and malware attacks.
Zimperium was the first MTD provider to be granted an Authority to Operate (ATO) status from the Federal Risk and Authorization Management Program (FedRAMP). Headquartered in Dallas, TX, Zimperium is backed by Liberty Strategic Capital and SoftBank.








