We are looking for experienced and passionate people who have a background in vulnerability research, offensive security and reverse engineering on Apple platforms.
The role:
You'll join our team looking to identify vulnerabilities in Apple platforms using both static and dynamic analysis techniques.
You'll develop Proof-of-Concepts for vulnerabilities identified.
You'll use common VR toolsets such as fuzzers, LLMs and reverse engineering tools; as well as have access to custom tooling built in-house (along with developing your own!).
You'll need to present your findings in a useful and accessible way to others.
You'll have access to internal and external training and conferences to refine and hone your skillsets.
The ideal candidate:
Developed tools and proof of concepts in a modern programming language such as Python and Rust.
Skills in debugging and hacking around with low level or other relevant languages such as C, Swift, C++, Objective C, etc.
Ability to reverse engineer ARM64 binaries using common toolsets such as IDA, Binary Ninja and Frida.
Interest and a passion in learning new things, taking them apart, and getting stuck into new problems and challenges.
Desirable technical experience:
Research on the low-level internals of Apple platforms, including topics such as runtime internals, platform security features and exploit mitigations.
Reverse engineering and vulnerability research on userland components on Apple platforms including XPC protocols, private frameworks and userland system daemons.
iOS application reverse engineering and bug hunting, looking for weaknesses, logic bugs and memory corruption issues.
Kernel or system level software internals and vulnerability research, for example XNU code review or IOKit reverse engineering and exploitation.
Salary:
Packages are competitive and differ according to researcher experience. Full details can be discussed upon an invitation to interview.
Perks and benefits:
25 days annual leave, rising by 1 day per year up to 28 days + bank holidays
Annual bonus based on company targets
6% matched pension
Training and conference budgets
Private medical insurance
Employee assistance program
4x death in service
Cycle to work scheme
Company socials throughout the year
Free soft drinks, hot drinks, beer and snacks in office
The location:
You'll have the opportunity to work remotely, from our office in the centre of Basingstoke, UK (6-minute walk from the local shopping centre & train station) or from our London office (Southwark).
We are proud to be accredited with the Workplace Wellbeing Charter.
Interrupt Labs is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
We aim to respond to all candidates via email within a week of their application. Please note that emails may go to your spam or junk folder.
Skills Required
- Background in vulnerability research, offensive security and reverse engineering on Apple platforms.
- Developed tools and proof-of-concepts in modern languages such as Python and Rust.
- Proficiency with low-level languages and debugging: C, Swift, C++, Objective-C.
- Ability to reverse engineer ARM64 binaries using IDA, Binary Ninja and Frida.
- Experience using fuzzers and LLMs as part of vulnerability research toolsets.
- Ability to present technical findings clearly to others.
- Research experience with low-level Apple internals, runtime internals, platform security features and exploit mitigations.
- Reverse engineering and vulnerability research on userland components (XPC protocols, private frameworks, system daemons).
- iOS application reverse engineering and bug hunting (logic bugs, memory corruption).
- Kernel or system-level internals research experience (XNU code review, IOKit reverse engineering and exploitation).
What We Do
Interrupt Labs is a specialized computer security firm dedicated to providing world-leading vulnerability research and capabilities. The company's expert team leverages a diverse range of backgrounds across the security landscape to tackle complex challenges. They provide their research services to a variety of high-stakes sectors, including telecommunications, banking, and government entities, focusing on targets such as browsers, mobile devices, and automotive systems.
.png)
