Location: Worldwide with preference for candidates in Europe
Zimperium® is an industry leader in enterprise mobile security, being the first and only company to provide a complete mobile threat defense system that offers real-time, on device world-class protection against both known and unknown next generation of advanced mobile cyberattacks and malware. Our MTD and award-winning machine learning-based engine protects against device, network, phishing and application attacks for IOS, Android and Windows devices, using a non-intrusive approach to always protect privacy of users.
We are seeking a highly skilled and inquisitive security engineer with deep technical expertise in mobile threat detection and operating system internals. This role focuses on researching, developing, and improving cutting-edge detection capabilities against techniques such as jailbreaking, hooking, and mobile application tampering. The ideal candidate combines strong technical depth with an open and adaptive research mindset, maintaining versatility across diverse security challenges. Proficiency in analyzing and coding for the iOS environment, as well as conducting and reviewing high-quality technical work, is essential for success in this position.
Key Responsibilities
Research and analyze advanced detection bypass techniques (e.g., jailbreaking, hooking, and runtime application/system tampering) to assess threats to our detection systems.
Evaluate and reverse-engineer tools and frameworks used to attack or evade our products, documenting findings and attack vectors.
Lead and participate in structured brainstorming sessions to generate novel detection ideas and countermeasures.
Design, prototype, and implement new detection techniques and algorithms for the iOS platform.
Develop, maintain, and improve internal tooling and automation to accelerate analysis, triage, and detection development.
Review and interpret forensic data provided by customers, produce clear technical reports, and provide actionable guidance and remediation support.
Perform and contribute to internal penetration testing and adversary emulation of newly introduced security features to validate effectiveness.
Write and publish technical blog posts to raise awareness of emerging security risks and share insights with customers and the wider security community.
Required Skills & Experience
Proven ability to collaborate effectively within a team environment, including forming and leading focused sub-groups to deliver specific project features or research objectives.
Strong knowledge of iOS operating system internals (e.g., sandboxing, code-signing), with a particular focus on runtime application security mechanisms and techniques for detecting system tampering and device compromise.
Proficiency in reverse engineering using tools such as IDA Pro, Ghidra, Hopper, or equivalent, including experience writing scripts, leveraging their SDKs, and isolating and reporting technical issues.
Demonstrated ability to think both offensively and defensively, approaching analysis tasks with the mindset of both an attacker and a defender.
Solid programming experience in C, Python, Objective-C and Swift, with the ability to produce efficient, maintainable, and secure code.
Good understanding of ARM64 assembly to develop really task specific and time critical functions.
Experience in data analysis methods applied to the forensics investigations is considered a plus.
Proficiency with debugging and dynamic binary instrumentation tools (e.g., LLDB, Frida, Objection, QBDI).
Capability to reverse engineer proprietary protocols and interprocess communication mechanisms (e.g., XPC, mach messages, IOKit).
Practical knowledge of jailbreak methods and iOS exploit classes (e.g., kernel exploits, sandbox escapes, code-signing bypasses), ideally experience in analyzing such exploits or exploit chains is a big plus.
Additional Information
Zimperium is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
These cookies are necessary for the website to function and cannot be turned off in our systems. You can set your browser to block these cookies, but then some parts of the website might not work.
Security
User experience
Target group oriented cookies
These cookies are set through our website by our advertising partners. They may be used by these companies to profile your interests and show you relevant advertising elsewhere.
Google Analytics
Google Ads
We use cookies
🍪
Our website uses cookies and similar technologies to personalize content, optimize the user experience and to indvidualize and evaluate advertising. By clicking Okay or activating an option in the cookie settings, you agree to this.
The best remote jobs via email
Join 5'000+ people getting weekly alerts with remote jobs!
