We're seeking an expert Android security researcher to conduct deep vulnerability research at the lowest layers of Android. You'll own end-to-end research from attack surface mapping through bug discovery to exploit development. This role requires extensive low-level skills and proven experience bypassing modern Android mitigations.
Key Highlights
Key Responsibilities
Technical Skills Required
Nice to Have
Job Description
We're a focused, fully remote team doing deep security research at the lowest layers of Android. Our work is reverse engineering, vulnerability discovery, and writing exploits that hold up against modern devices and their defenses.
You'll own end-to-end Android vulnerability research from mapping attack surface and reversing system and kernel components, through bug discovery, to writing proof-of-concept exploits that work on current devices and Android versions. This is deep, hands-on, research-driven work for someone already operating at an expert level.
What you'll do
- Research attack surface across the Android stack. the Linux kernel, system services, drivers, and the TEE.
- Reverse engineer native binaries, firmware, and apps using tools like IDA Pro and Ghidra.
- Discover vulnerabilities through code auditing, fuzzing, and static/dynamic analysis.
- Develop reliable proof-of-concept exploits and bypass modern Android mitigations (SELinux, verified boot, ASLR, CFI, and more).
- Build custom tooling to scale your analysis, and document findings for the team.
Interested in remote work opportunities in Mobile? Discover Mobile Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
What we're looking for
- Extensive, demonstrable experience (3+ years) in vulnerability research, reverse engineering, and exploit development, with a strong Android / Linux focus.
- Strong low-level skills: C/C++, ARM/ARM64 assembly, and Python; comfortable reading Java/Kotlin during reverse engineering.
- Deep knowledge of Android and Linux internals (kernel, Binder, SELinux, the ART runtime) and modern exploit-mitigation bypass techniques.
- Solid command of memory-corruption bug classes and modern kernel and userland exploitation on Android.
- A proven track record of turning bugs into working PoCs independently.
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
Nice to have
- Public roots, assigned CVEs, strong CTF results, or conference talks.
- Baseband, TEE, or bootloader research.
- Experience building fuzzers and automated VR pipelines.
Similar Jobs
Explore other opportunities that match your interests
Senior Mobile Software Engineer - Tailscale
Tailscale
Tenth Revolution Group
Senior iOS Software Engineer
