Mobile Reverse Engineer

Security Clearance: Active TS/SCI w/ CI Poly eligibility

Location: NDCO in Bethesda, MD. 100% Onsite

Job Type: Full-Time

Target Salary Range*: $139,000 - $170,000.

*This represents the potential salary range for this position depending on education level, years of experience and/or certifications in addition to other position specific requirements which may impact salary

Position Overview:

• Mobile Software Reverse Engineering (with support to development and malware analysis efforts).

Key Responsibilities:

• • Conduct software exploitation against applications, middleware, operating systems (OS) user interface, OS drivers/runtimes, firmware and other binary data:
  • Working experience in software engineering and related technologies. Experience in sizing and scoping, in design, implementation and delivery of mobile application solutions using iOS and/or Android development environments.
  • Provide malicious code reverse engineering to isolate, review, analyze, and reverse-engineer potentially malicious programs recovered from compromised computer systems and networks.
  • Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits.
  • Research behavior of binaries and share detailed understanding of how apps behave at memory/register level in support of technical exploitation operations.
  • Support efforts to design, prototype, document, test, conduct exploitation automation and transition code analysis methods and tools specific to technical exploitation operations.

Qualifications:

Education:

• Bachelor's degree and 8+ years experience, or Master's degree and 6+ years experience, or 3 years with PhD. A degree should be in one of these fields of study: Information Technology, Cybersecurity, Computer Science, Information Systems, Data Science, Mathematics, or Software Engineering. Relevant work experience should be within the past five years.
  In lieu of a degree in one of these fields of study, an additional 4 years of relevant experience or specialized training may be considered.
  

Experience:

• Proven ability to build, maintain, and leverage collaborative relationships with stakeholders across different government agencies, serving as an effective technical liaison.
• Experience establishing and managing formal partnerships between government entities (e.g., via Memoranda of Understanding or Inter-Agency Agreements) to achieve shared mission objectives.
• Exceptional communication skills, with a demonstrated ability to present complex technical information clearly and persuasively to diverse audiences, including non-technical decision-makers.
• Skilled in facilitating inter-agency working groups and building consensus among partners who may have differing priorities or organizational cultures.
• Strategic and proactive mindset with the ability to identify and develop new opportunities for cross-agency collaboration that advance the organization's mission.
• A strong sense of mission ownership and personal accountability, focused on elevating the team's role from a participant to a key contributor within the working group.
• Experience with Windows, Linux, Android, OS X, and iOS operating system & architecture.
• Experience in computer or cell phone architecture, system internals, operating systems, and/or boot process software engineering.
• Experience with static analysis tools such as IDA Pro, Ghidra and Binary Ninja.
• Experience with debugging tools such as WinDbg.
• Experience with virtualization, sandboxing, and emulation tools like VMware, KVM, QEMU and others.
• Working knowledge of programming languages such as C, C++, .NET, Python, Java, etc.
• Debug mobile applications' memory and performance issues.

Preferred Qualifications:

• Experience requiring a deep knowledge of Android and a strong passion in mobile industry and mobile development.
• Experience developing/designing mobile phone platforms highly desired.
  Experience in wireless API's (Wi-Fi, Bluetooth) preferred.
• Engineer software scripts in C, C++, and Java with emphasis on prototyping and API extraction.
• DoD 8570 Compliant, active IAT Level II certification.
• Additional active certifications: CFR, RCCE Level 1, CySA+, GCFA, GCFE.