8kSec Academy
Affiliate Program Terms & Conditions
NOTE: remember to keep clause 11. Commission and Referral Fees updated
(1) These Terms & Conditions apply to participants in the 8kSec LLC Partners Affiliate Program (the "Program").
(2) In these Terms & Conditions, "Company", "we", "us", and "our" means 8kSec LLC, the brand owned and operated by 8kSec L.L.C., a company registered in USA.
(3) In these Terms & Conditions, "Affiliate", "you" and "your" means the individual or organization that is applying to become a participant in the Program and who will accept these Terms & Conditions upon joining the same.
(4) By accepting these Terms & Conditions you agree to be bound by them and shall enter into a binding agreement with us (the "Agreement").
1. Definitions and Interpretation
- 1.1 In these Terms & Conditions the following terms shall have the following meanings:
- "Business Day" means any day other than Saturday or Sunday that is not a bank or public holiday;
- "Cancellations Policy" means our cancellations policy which can be found at academy.8ksec.io/terms;
- "Commencement Date" means the date of your acceptance;
- "Commission Rate" means the percentage of commission paid on net sales revenue set out in Sub-clause 11.2;
- "Confidential Information" Third-party Cookies are not placed by Us; instead, they are placed by third parties that provide services to Us and/or to you. Third-party Cookies may be used by advertising services to serve up tailored advertising to you on Our Site, or by third parties providing analytics services to Us (these Cookies will work in the same way as analytics Cookies described above).
- "Current Term" means the Term that the Parties may be in at any given time;
- "Direct Referral" means a sale of a Service Package to a customer who has been led to our website through your website where that customer can be tracked directly from your site to ours without any further intermediaries;
- "Intellectual Property Rights" means any rights subsisting in a copyright work, trade mark, patent or design and shall be construed in accordance with the Copyright Designs and Patents Act 1988, Trade Marks Act 1994 and Patents Act 1977;
- "Registered Email Address" means the email address of the Affiliate as provided in your Registration Data;
- "Registration Data" means the information provided by the Affiliate when registering for enrolment in the Program;
- "Service Package" means a particular set of services available from us through our website as defined in Clause 7; and
- "Term" means the term of the Agreement, as defined in Clause 17 of these Terms & Conditions, during which you shall participate in the Program under the terms and conditions set out in the Agreement.
2. Enrolment in the Program
- 2.1 By enrolling in the Program you agree that, at the time of registration, you will provide accurate and complete Registration Data and that you shall inform us of any changes in your Registration Data.
- 2.2 Upon your acceptance of these Terms & Conditions, subject to our approval and sub-clause 2.4 below, the agreement is deemed to be in effect. You will not be sent a signed Affiliate Agreement in hard copy.
- 2.3 We may, at our sole discretion, review your website following your acceptance of these Terms & Conditions. You will be informed within 10 Business Days of the outcome of your application. Following your acceptance of these Terms & Conditions, you will receive further instructions and guidance to allow you to commence marketing our goods.
- 2.4 We may, in our sole discretion, choose to reject any application for any reason (and are under no obligation to disclose such reasons). Reasons for which an Application may be rejected include, but are not limited to, content on your website that:
- 2.4.1 is in any way unlawful, harmful, threatening, obscene, harassing, discriminatory, defamatory or otherwise objectionable;
- 2.4.2 facilitates or promotes violence, terrorism, or any other criminal activity;
- 2.4.3 is sexually explicit; or
- 2.4.4 infringes or assists or encourages the infringement of any intellectual property rights belonging to any party.
3. Company / Affiliate Relationship
- 3.1 Nothing in these Terms & Conditions shall constitute, or be deemed to create, a partnership between the Parties; nor, except as expressly provided, shall it designate, or be deemed to designate, any Party the agent of any other Party for any purpose.
- 3.2 Subject to any express provisions to the contrary in these Terms & Conditions, you shall have no right or authority to and shall not do any act, enter into any contract, make any representation, give any warranty, incur any liability, assume any obligation, whether express or implied, of any kind on our behalf or bind us in any way.
4. Website Links
- 4.1 In your Affiliate Dashboard will be the requisite materials for a hyperlink to our website. These materials will include the HTML code for the link and/or a selection of graphics files to which the HTML code should be applied.
- 4.2 The HTML code as it appears in your Affiliate Dashboard must be copied exactly and not altered in any way. Failure to comply with this condition may result in your receiving no credit for sales of Service Packages that are generated through your website.
- 4.3 Under no circumstances may any of the graphics files provided by us be modified in any way without our prior written authorisation. You may not use graphics files of your own to link to our site.
- 4.4 All graphics files that we may provide for use as links may be displayed throughout your website as you deem appropriate, subject to our prior consent (which shall not be unreasonably withheld) which must be obtained in all cases. We reserve the right to request the alteration or removal of a link from your website.
- 4.5 You are required to assume full responsibility to maintain all links to our website from your website.
5. Site Maintenance and Content
- 5.1 Each Party shall be exclusively responsible for maintaining and updating its own website. Subject to the provisions of this Clause 5 and Clause 14 below, neither Party shall have any obligations to the other Party in relation to the maintenance or content of their website.
-
5.2 Subject to Sub-clause 5.3 of these Terms & Conditions, neither Party may host any content that:
- 5.2.1 is in any way unlawful, harmful, threatening, obscene, harassing, discriminatory, defamatory or otherwise objectionable;
- 5.2.2 facilitates or promotes violence, terrorism, or any other criminal activity;
- 5.2.3 is sexually explicit; or
- 5.2.4 infringes or assists or encourages the infringement of any intellectual property rights belonging to any party.
- 5.3 Neither Party shall be under any obligation to pre-screen any content added to their website by third parties; however in the event that either Party receives from the other a written notification of any content that falls within that described in Sub-clause 5.2 of this Agreement, such content must be removed within 5 Business Days of receipt of such notice.
6. Display of Company Information
- 6.1 As an affiliate, you are free to display pricing and other information relating to our Service Packages. It is your responsibility to keep such information up-to-date through your own efforts; we will not provide pricing information updates to you.
- 6.2 We reserve the right to alter pricing at any time in accordance with our own policies.
- 6.3 Your Responsibilities: As a 8kSec LLC Affiliate you agree that:
- 6.3.1 You are responsible for providing us with full and accurate account information and for keeping that information up to date. Such information might include but is not limited to: contact details, payment details, tax information and any other details we may require. We reserve the right to request additional data regarding all the websites where you promote 8kSec LLC and the promotional practices you use. Failure to provide accurate information may result in exclusion from the Program, suspension or termination of your Affiliate account and forfeiture of any commissions.
- 6.3.2 You should not create more than one Affiliate account.
- 6.3.3 You should act in good faith to refer customers in good standing.
- 6.3.4 You cannot refer yourself, and you will not receive a commission on your own accounts. You should not use our Program to refer companies that you own or in which you have shares or other interests.
- 6.3.5 You should not take actions or make recommendations to your referrals that result in a potential revenue loss for 8kSec LLC.
- 6.3.6 You should not engage in incentivized programs and business-opportunity sites, using marketing practices that might be unethical or likely to attract customers, not in good standing.
- 6.3.7 You should not use on behalf of your referrals or encourage your referrals to use on their 8kSec LLC accounts any copyrighted or third-party material without the proper licenses.
- 6.3.8 You should not copy, alter or modify any icons, buttons, banners, graphics, files or content contained in 8kSec LLC’ Links, including but not limited to removing or altering any copyright or trademark notices, without prior written approval from us.
- 6.3.9 You should not engage in any blackhat SEO/spam link building techniques in order to generate more referrals for 8kSec LLC.
- 6.3.10 Post ads on offensive, illegal, hateful, pornographic, or otherwise distasteful websites.
- 6.3.11 You agree not to violate any applicable law.
- 6.3.12 If we detect a pattern in your affiliate practices that in our reasonable opinion violates any aspect of the T&C, we reserve the right to suspend or terminate your affiliate account and cancel all outstanding commission payments due.
- 6.4 Affiliate Advertising. Inappropriate ways of advertising include, but are not limited to:
- 6.4.1 Using any illegal or spam method of advertising, e.g. unsolicited email, an unauthorized placing of the link in forums, newsgroups, message boards etc.;
- 6.4.2 Bidding on keywords and phrases containing the 8kSec LLC trademark, or variations or misspellings of the trademarked term on Pay per Click or Pay per Impression campaigns on the search engines (Google, Yahoo, MSN, Ask, Bing or others) without our prior approval. You are not allowed to use the 8kSec LLC Website(s) as display URL in PPC ads and to direct-link or redirect to the 8kSec LLC Website(s);
- 6.4.3 Using non-unique copyright infringing content to promote 8kSec LLC;
- 6.4.4 Using traffic generated by pay to read, pay to click, banner exchanges, click exchanges, PPV advertising, pop-up/under, or similar methods;
- 6.4.5 Providing cash backs, rewards or any other kind of incentives to obtain the sale without our prior approval;
- 6.4.6 Offering price savings methods, including coupon(s), voucher(s), discount codes, or added value offers without our prior approval;
- 6.4.7 Using our advertising and promotional materials, trademark or name in a way which negatively affects our image;
- 6.4.8 Using iframes or any other techniques or technology that places your affiliate tracking cookie by any means other than an actual click-through;
- 6.4.9 Using link cloaking or masking techniques or technology with the goal to promote 8kSec LLC on websites and/or networks not explicitly listed in your affiliate profile and hiding that traffic source;
- 6.4.10 Your website(s) must NOT contain lewd, obscene, illegal or pornographic material or any other material that is deemed to be objectionable. This includes, but is not limited to, bigotry, hatred, pornography, satanic materials, trademark and copyright materials, all content of an adult nature, etc. The designation of any materials as such is subject to our reasonable opinion;
- 6.4.11 Your domain name(s), company name, logo, trademark, product(s), project(s), service(s) must NOT contain keywords and phrases containing the 8kSec LLC trademark or any other variations or misspellings confusingly similar to 8kSec LLC trademark, name, logo or domain name, without our prior approval;
- 6.4.12 Your domain name(s), company name, logo, trademark, your product(s), project(s), service(s) must NOT contain keywords and phrases that contain or are confusingly similar to third-party trademarks, names, logos or domain names, unless you have been duly authorised by the trademark owner.
- 6.4.13 8kSec LLC shall have the sole right to decide if a promotional method you use is appropriate. The use of any advertising method that we consider inappropriate may result in warning, suspension or termination of your affiliate account and cancellation of all outstanding commission payments due.
7. Service Packages
We provide services through our website in courses, bundles and subscriptions. Descriptions for these packages are available in academy.8ksec.io. In your Affiliate Dashboard, you will be able to view all the products that you will get commission for.
8. Customer Referral Requirements
- 8.1 Terms & conditions relating to the referral of customers to us via links on your website can be found on our website at academy.8ksec.io/affiliate-program-terms.
9. Orders
- 9.1 We undertake to use our best and reasonable endeavours to process and fulfil all orders for Service Packages placed by referred customers generated by affiliates.
- 9.2 We reserve the right to reject any orders that do not comply with the customer referral requirements detailed in Clause 8 of these Terms & Conditions.
- 9.3 It shall be our full responsibility to ensure that all orders are completed and that the provision of services is undertaken in accordance with our Service Level Agreements. We shall be responsible for order entry, payment processing, cancellations and all subsequent customer service. You shall have no further involvement with the customer or the completion of the transaction and all customers will be made aware of the same.
10. Affiliate Sales Reporting
- 10.1 We will track the following elements of all sales:
- 10.1.1 origin;
- 10.1.2 Service Package selected; and
- 10.1.3 revenue generated.
- 10.2 Full reports of all sales generated through the links on your website will be available in your Affiliate Dashboard. We reserve the right to alter the form and content of such reports without notice.
11. Commission and Referral Fees
- 11.1 You will be paid commission at the rates set out in Sub-clause 11.2 on the net profits of sales generated through your website.
-
11.2 Commission shall be calculated on the following basis:
- 11.2.1 If all the specified rules of engagement have been followed, all sales that result from Direct Referrals will attract a commission of 20%.
- 11.3 Clause 11.2.1 shall apply only until the expiration or removal of our cookies by the customer or for a period of 60 days set on the system days after the most recent Direct Referral for a particular customer, whichever is earlier.
- 11.4 In the event that a customer cannot be tracked, no commission will be paid.
- 11.5 Commission shall be calculated only once we have received payment in full from the customer. Only once payment has been received in full will sales be logged in your Affiliate Dashboard but will be shown as pending for 30 days set on the system days after the order has been completed (this time period reflects the time limit set out in our Cancellations Policy).
- 11.6 Every affiliate will receive commissions only for subscriptions that have passed their 30-day limit, which reflects the refund period.
- 11.7 Commissions will be sent to the PayPal email address of the Affiliate as provided in their Registration Data. Existing 8kSec LLC subscribers may get part of their commissions in the form of free courses or Promotional credits added to their accounts, up to the sum of their total subscription fees payable to 8kSec LLC. Any subsequent commissions shall be sent to their PayPal account, as described above.
- 11.8 In the event of any refunds issued for any reasons including, but not limited to fraud and where such refunds are not incurred through any fault of ours, you may be contacted to arrange for the repayment of any related commission.
- 11.9 Any and all commission paid to you shall be based on sales revenue less any tax due; however, you may still be liable to pay tax on your commission. By accepting these Terms & Conditions you hereby acknowledge that you are solely responsible for the payment of tax on any income you may generate through your involvement in the Program.
- 11.10 We reserve the right to modify our Commission Rates at any time. You will be given the option to opt out of the Program within the Notice Period and will, on the exercise of that option, be paid any Commission due to you, notwithstanding the total commission earnings requirement set out in Sub-clause 11.6 above.
12. Trade Marks
- 12.1 Upon your entry into the Program, we shall grant to you a non-exclusive, non-transferrable, royalty-free licence to use our logos and trademarks (our “Trade Marks”).
- 12.2 You may use our Trade Marks only to the extent required to establish links and perform your obligations as an Affiliate under these Terms & Conditions.
- 12.3 In the event that you wish to use our Trade Marks for any purposes outside of these Terms & Conditions you must not do so without prior written consent, such consent not to be unreasonably withheld.
- 12.4 By accepting these Terms & Conditions you hereby agree that:
- 12.4.1 our Trade Marks shall remain the property of 8kSec LLC, unless and until we assign those marks to a third party;
- 12.4.2 nothing in these Terms & Conditions shall be deemed to confer any ownership rights in our Trade Marks on you; and
- 12.4.3 you shall not contest the validity of our trade marks.
13. Intellectual Property
- 13.1 Unless otherwise expressly indicated we are the sole and exclusive owners of all Intellectual Property Rights (“IPRs”) in our website including, but not limited to: all code, text, sound, video, graphics, photographs and other images that form a part of the site. We shall also be the sole and exclusive owners of all IPRs which may subsist in any supporting documentation which shall include, but not be limited to, site plans, maps, design sketches and other preparatory material.
- 13.2 We shall be the sole and exclusive owners of all IPRs which may subsist in all future updates, additions and alterations to our website, such material including any supporting documentation.
14. Affiliate Warranties and Indemnity
- 14.1 In accepting these Terms & Conditions you hereby warrant and acknowledge that:
- 14.1.1 Your website does not and will not contain any content that:
- a) is in any way unlawful, harmful, threatening, obscene, harassing, discriminatory, defamatory or otherwise objectionable;
- b) facilitates or promotes violence, terrorism, or any other criminal activity;
- c) is sexually explicit; or
- d) infringes or assists or encourages the infringement of any intellectual property rights belonging to any party.
- 14.1.2 Your website is and shall remain functional and, subject to the provisions of Clause 19 of these Terms & Conditions, reasonable downtime for maintenance or third-party access restrictions, accessible to all users of the internet;
- 14.1.3 All necessary authorities, consents and approvals have been obtained in respect of your obligations under these Terms & Conditions and will remain valid and effective throughout the Term;
- 14.1.4 Your obligations under these Terms & Conditions shall constitute legal, valid and binding obligations on you. Such obligations shall be direct, unconditional and general obligations; and
- 14.1.5 You will not refer to us in any way in any unsolicited bulk email campaigns or other spamming practices that you may conduct.
- 14.2 By accepting these Terms & Conditions you agree that you shall indemnify us in full against all liability, loss, damages, costs and expenses (including legal expenses) awarded against or incurred or paid by us as a result of, or in connection with:
- 14.2.1 breach of any warranty given by you in relation to your website;
- 14.2.2 any claim that your website infringes the patent, copyright, trade mark or other intellectual property rights of any other person, except to the extent that the claim arises from compliance with any terms stipulated by us; and
- 14.2.3 any act or omission by you or your employees, agents or sub-contractors in performing your obligations under these Terms & Conditions.
15. Disclaimers
- 15.1 We make no warranty or representation that our website, the Program, or Service Packages sold through the Program will meet your requirements or those of your visitors, that they will be of satisfactory quality, that they will be fit for a particular purpose, that they will not infringe the rights of third parties, that they will be compatible with all systems, that they will be secure and that all information provided will be accurate.
- 15.2 We make no guarantee of any specific results from the use of our website or from enrolment in the Program.
- 15.3 We make no guarantee that our website shall remain functional and accessible to all users of the internet.
16. Liability
- 16.1 We shall not be liable to you for any indirect or consequential loss that you may suffer even if such loss is reasonably foreseeable or if we have been advised of the possibility of such loss being incurred.
- 16.2 Our entire liability to you in respect of any breach of our contractual obligations, any breach of warranty, any representation, statement or tortious act or omission including negligence arising under or in connection with these Terms & Conditions or the Agreement shall be limited to $1.
- 16.3 Notwithstanding any other provision in these Terms & Conditions, our liability to you for death or injury resulting from our own negligence or that of our employees, agents or sub-contractors shall not be limited.
17. Term and Termination
- 17.1 These Terms & Conditions and The Agreement shall come into force and become binding on the Commencement Date and shall continue in force for a period of 12 months from that date (the “Initial Term”). Following the Initial Term, your enrolment in the Program shall be renewed automatically for successive periods of 12 months (each a “Renewal Term”) unless and until terminated in accordance with this Clause 17.
-
17.2 Either Party may terminate the Agreement by giving 10 Business Days’ prior written notice to the other:
- 17.2.1 at any time where the other Party has committed a material breach of these Terms & Conditions or the Agreement and such breach has remained unremedied 10 Business Days after receiving written notice of that breach; or
- 17.2.2 if the other Party enters into liquidation whether compulsory or voluntary (except for the purposes of bona fide reconstruction or amalgamation with the prior written approval of the other Party), or compounds with or makes any arrangement with its creditors or makes a general assignment for the benefit of its creditors, or if it has a receiver, manager, administrative receiver or administrator appointed over the whole or substantially the whole of its undertaking or assets, or if it ceases or threatens to cease to carry on its business, or makes any material change in its business, or if it suffers any analogous process under any foreign law.
- 17.3 Either Party may request the termination of the Agreement at the end of the Current Term for any reason provided that written notice is given at least 10 Business Days before the end of the Current Term.
- 17.4 Upon the termination of the Agreement for any reason, you shall remove the links established under these Terms & Conditions.
- 17.5 Upon the termination of the Agreement for any reason, all licenses granted shall also terminate.
- 17.6 In the event that we terminate the Agreement in accordance with Sub-clause 17.2.1, any Commission owed to you at that time shall be forfeited.
18. Confidentiality
- 18.1 Each Party (a “Receiving Party”) shall keep the Confidential Information belonging to the other Party (a “Supplying Party”) confidential and secret and shall not use or disclose or make the Confidential Information available, directly or indirectly, to any person other than its officers and employees who need the Confidential Information to enable the Receiving Party to perform its obligations under these Terms & Conditions and provided that such officers and employees are also obliged to keep such Confidential Information confidential and secret. The foregoing obligations shall not apply to any information acquired by the Receiving Party which:
- 18.1.1 at the time of its acquisition was in the public domain; or
- 18.1.2 at a later date comes into the public domain through no fault of the Receiving Party.
- 18.2 Each Party hereby agrees and undertakes:
- 18.2.1 that all Confidential Information shall be and shall remain at all times the sole and exclusive property of the Supplying Party;
- 18.2.2 that its right to use Confidential Information shall wholly cease upon the termination of the Agreement; and
- 18.2.3 to return to the Supplying Party on termination of the Agreement all material embodying Confidential Information (including information stored on digital media) or any part thereof and all copies thereof.
19. Force Majeure
Neither Party to these Terms & Conditions shall be liable for any failure or delay in performing their obligations where such failure or delay results from any cause that is beyond the reasonable control of that Party. Such causes include, but are not limited to, power failure, Internet Service Provider failure, industrial action, civil unrest, fire, flood, storms, earthquakes, acts of terrorism, acts of war, governmental action or any other event that is beyond the control of the Party in question.
20. Severance
The Parties agree that in the event that one or more of the provisions of these Terms & Conditions is found to be unlawful, invalid, or otherwise unenforceable, that / those provisions shall be deemed severed from the remainder of these Terms & Conditions. The remainder of the Terms & Conditions shall be valid and enforceable.
21. Notice
Unless otherwise stated in these Terms & Conditions, the Parties agree that all notices to be served under the Agreement shall be in writing and may be sent by email to the other Party’s Registered Email Address.
22. Notice
- 22.1 These Terms & Conditions shall embody and set forth the entire agreement and understanding between the Parties and shall supersede all prior oral or written agreements, understandings or arrangements relating to the Program or the relationship between the Parties. Neither Party shall be entitled to rely on any agreement, understanding or arrangement not expressly set forth in these Terms & Conditions, save for any representation made fraudulently.
- 22.2 Unless otherwise expressly provided elsewhere in these Terms & Conditions, the Agreement may be varied only by a document signed by both of the Parties.
23. General
- 23.1 No Waiver - The Parties shall agree that no failure by either Party to enforce the performance of any provision in these Terms & Conditions shall constitute a waiver of the right to subsequently enforce that provision or any other provision of these Terms & Conditions. Such failure shall not be deemed to be a waiver of any preceding or subsequent breach and shall not constitute a continuing waiver.
- 23.2 Non-exclusivity - The relationship between the Parties shall be and shall remain non-exclusive. Both parties are free to enter into similar relationships with other parties.
- 23.3 Non-assignment - You may not assign any or all of your rights or obligations under these Terms & Conditions or the Agreement without our prior written consent, such consent not to be unreasonably withheld.
24. General
- 24.1 These Terms & Conditions and the Agreement shall be governed by the laws of the United States of America.
- 24.2 Any dispute between the Parties relating to the Agreement shall fall within the jurisdiction of the courts of the United States of America.
At 8kSec, we Empower businesses with Cutting-Edge Mobile Security Training, Pioneering Vulnerability research, and Innovative product offerings
Copyright © 2025
CONNECT WITH US
-
Twitter
-
LinkedIn
Live Trainings list:
Early Bird Pricing Ends January 15
Enroll now to lock in savings!
Be Among the First to Access Our Courses!
Join the thousands who’ve already transformed their skills with our live training—now available in newly launched, on-demand courses crafted for maximum impact.
As a thank you for being an early supporter, we’re offering exclusive Early Bird pricing and extended access for 15 months—our best value ever.
Register by November 30th to take advantage of these benefits.
Register by November 30th to take advantage of these benefits.
Lead Application Penetration Tester*
A Cybersecurity Testing & Consulting Firm
$150,000 - $180,000 a year
Required Qualifications & Skills
- Bachelor’s degree in Computer Science, Software Engineering, or related field, or equivalent job experience
- Thorough security testing of developer workflows and mobile applications (iPhone and Android), including identification of security issues and vulnerabilities
- Proficiency in multiple programming languages and understanding of secure coding practices
- In-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications
- Detailed assessments and compilation of findings into reports for further review and action
- Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault
Key Responsibilities
- Team Leadership: Lead and mentor penetration testers, ensuring high-quality security assessments
- Mobile & DevOps Security: Conduct security testing of mobile apps (iOS/Android) and integrate security into DevOps pipelines
- Code & Penetration Testing: Perform source code reviews and comprehensive web/mobile penetration testing
- Reporting & Collaboration: Document findings in detailed reports and collaborate with development teams for remediation
- Offensive Security: Execute red team exercises and offensive security operations
- Security Strategy: Develop and implement security testing strategies and best practices
- Global Collaboration: Work with global teams to secure applications
- Automation: Automate security testing within CI/CD pipelines
iOS Application Security Engineer*
A Cyber-Risk Consulting Firm
$150,000 - $200,000 a year
Required Qualifications & Skills
- Bachelor’s degree in Computer Science, Information Security, or a related field, or 5+ years in mobile application development
- Proficiency in iOS frameworks (UIKit, Core Data) and Android frameworks
- In-depth knowledge of mobile security vulnerabilities (OWASP Mobile Top 10) and remediation techniques
- Familiarity with mobile security testing tools (e.g., MobSF, Drozer, Burp Suite, OWASP ZAP)
- Extensive experience in iOS application development using Swift/Objective-C, ideally also knowledge of Android (Java/Kotlin) security
- Strong understanding of cryptography principles, secure data storage, and key management
- Experience with mobile reverse engineering tools such as Frida
- Knowledge of App Store and Google Play Store compliance requirements
- Familiarity with advanced encryption techniques and secure app distribution
- Proficiency in iOS frameworks (UIKit, Core Data) and Android frameworks
- In-depth knowledge of mobile security vulnerabilities (OWASP Mobile Top 10) and remediation techniques
- Familiarity with mobile security testing tools (e.g., MobSF, Drozer, Burp Suite, OWASP ZAP)
- Extensive experience in iOS application development using Swift/Objective-C, ideally also knowledge of Android (Java/Kotlin) security
- Strong understanding of cryptography principles, secure data storage, and key management
- Experience with mobile reverse engineering tools such as Frida
- Knowledge of App Store and Google Play Store compliance requirements
- Familiarity with advanced encryption techniques and secure app distribution
Key Responsibilities
- Secure Mobile Development: Implement secure coding practices (Swift/Objective-C, Kotlin/Java) and ensure secure data handling
- Security Architecture & Threat Modeling: Design secure architectures, perform threat modeling, and ensure compliance (OWASP, PCI DSS, NIST)
- Code Reviews & Auditing: Conduct code reviews, participate in security audits, and perform SAST/DAST
- Vulnerability Management & Penetration Testing: Manage vulnerabilities, conduct penetration tests, and analyze threats
- Security Architecture & Threat Modeling: Design secure architectures, perform threat modeling, and ensure compliance (OWASP, PCI DSS, NIST)
- Code Reviews & Auditing: Conduct code reviews, participate in security audits, and perform SAST/DAST
- Vulnerability Management & Penetration Testing: Manage vulnerabilities, conduct penetration tests, and analyze threats
- API Security & Compliance: Secure API integrations and ensure compliance with app store guidelines
- Collaboration & Incident Response: Collaborate with teams and respond to security incidents
Specialist, Offensive Android Security*
A Tech Giant Company
$151,200 - $207,500 a year
Required Qualifications & Skills
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent combination of education training and experience
- Proficiency in tools for kernel debugging, fuzzing, and penetration testing
- Experience with reverse engineering tools (e.g., IDA Pro & Ghidra), debugging tools (e.g., JTAG/SWD)
- 5+ years of experience in system-level penetration testing and vulnerability research
- Strong knowledge of low-level programming languages such as C and Assembly
- Proficiency in tools for kernel debugging, fuzzing, and penetration testing
- Experience with reverse engineering tools (e.g., IDA Pro & Ghidra), debugging tools (e.g., JTAG/SWD)
- 5+ years of experience in system-level penetration testing and vulnerability research
- Strong knowledge of low-level programming languages such as C and Assembly
Key Responsibilities
- Identify trends in kernel and device driver attacks and conduct in-depth research on emerging threats
- Conduct reverse engineering and Secure OS architecture analysis
Develop automated vulnerability discovery and analysis tools, such as fuzzing tools
- Perform penetration testing on OS components, including TEE, bootloader, and kernel
- Research and test the latest exploit trends, developing Proof of Concept attacks and advanced exploits (0-day, 1-day)
- Conduct in-depth root cause analysis to understand and mitigate system vulnerabilities
Kernel Security Researcher*
A Tech Giant Company
$143,100 - $264,200 a year
Required Qualifications & Skills
- Background in kernel and low level systems technologies
- Background in secure coding and code auditing
- Knowledge of modern anti-exploitation mitigations and their effectiveness
- Programming background in C, C++, and Python
Preferred Qualifications:
- Knowledge of macOS and iOS security architectures
- Background in secure coding and code auditing
- Knowledge of modern anti-exploitation mitigations and their effectiveness
- Programming background in C, C++, and Python
Preferred Qualifications:
- Knowledge of macOS and iOS security architectures
- Experience of software exploitation
- Knowledge of memory safe languages
- Proficiency with assembly languages, particularly ARM64, is a big plus
Key Responsibilities
Your responsibilities will include enhancing the security of our products to make them the most secure in the industry, evaluating security-critical code, developing intelligent automated tools for vulnerability detection, building exploits to test mitigation techniques, providing security-focused consultations on key technologies to partner teams, and driving the design and development of new mitigation strategies. This position may require some travel to our other sites, vendors, and security conferences.
Mobile Reverse Engineer*
An IT Services Firm
$88,200 - $195,200 a year
Required Qualifications & Skills
- Bachelor’s degree
- 5+ yrs experience in mobile software reverse engineering
- Experience with Windows, Linux, Android, OS X, and iOS operating system & architecture
- Experience in computer or cell phone architecture, system internals, operating systems, and/or boot process software engineering
Experience with static analysis tools such as IDA Pro, Ghidra and Binary Ninja
- Experience with debugging tools such as WinDbg
- Experience with virtualization, sandboxing, and emulation tools like VMware, KVM, QEMU and others
- Working knowledge of programming languages such as C, C++, .NET, Python, Java, etc.
- Experience debugging mobile application memory and performance issues
Preferred:
- Experience requiring a deep knowledge of Android and a strong passion in mobile industry and mobile development
- Experience developing/designing mobile phone platforms highly desired
- Experience in wireless API's (Wi-Fi, Bluetooth) preferred
- Engineer software scripts in C, C++, and Java with emphasis on prototyping and API extraction
- 5+ yrs experience in mobile software reverse engineering
- Experience with Windows, Linux, Android, OS X, and iOS operating system & architecture
- Experience in computer or cell phone architecture, system internals, operating systems, and/or boot process software engineering
Experience with static analysis tools such as IDA Pro, Ghidra and Binary Ninja
- Experience with debugging tools such as WinDbg
- Experience with virtualization, sandboxing, and emulation tools like VMware, KVM, QEMU and others
- Working knowledge of programming languages such as C, C++, .NET, Python, Java, etc.
- Experience debugging mobile application memory and performance issues
Preferred:
- Experience requiring a deep knowledge of Android and a strong passion in mobile industry and mobile development
- Experience developing/designing mobile phone platforms highly desired
- Experience in wireless API's (Wi-Fi, Bluetooth) preferred
- Engineer software scripts in C, C++, and Java with emphasis on prototyping and API extraction
Key Responsibilities
- Provide malicious code reverse engineering to isolate, review, analyze, and reverse-engineer potentially malicious programs recovered from compromised computer systems and networks
- Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits
- Research behavior of binaries and share detailed understanding of how apps behave at memory/register level in support of technical exploitation operations
- Support efforts to design, prototype, document, test, conduct exploitation automation and transition code analysis methods and tools specific to technical exploitation operations
- Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits
- Research behavior of binaries and share detailed understanding of how apps behave at memory/register level in support of technical exploitation operations
- Support efforts to design, prototype, document, test, conduct exploitation automation and transition code analysis methods and tools specific to technical exploitation operations
Senior Lead Security Engineer - Mobile*
A Global Banking Corporation
$147,700 - $190,000 a year
Required Qualifications & Skills
- Formal training or certification on Mobile Development concepts and 5+ years applied experience
- Strong understanding of mobile application security risks and mitigation strategies for both Android and iOS platforms
- Experience in implementing or managing mobile security operations
- Familiarity with CI/CD pipelines, DevSecOps methodologies, and secure software development practices
- Ability to collaborate with development teams on security functions & resolutions
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Strong collaboration and communication skills are essential for working effectively with teams on security implementations
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for future state architecture & enterprise integrations
- Proven experience leading projects from scoping to delivery
- Strong understanding of mobile application security risks and mitigation strategies for both Android and iOS platforms
- Experience in implementing or managing mobile security operations
- Familiarity with CI/CD pipelines, DevSecOps methodologies, and secure software development practices
- Ability to collaborate with development teams on security functions & resolutions
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Strong collaboration and communication skills are essential for working effectively with teams on security implementations
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for future state architecture & enterprise integrations
- Proven experience leading projects from scoping to delivery
Key Responsibilities
- Working closely with in-house mobile development teams, providing guidance on secure coding practices, threat mitigation strategies, and optimal use of mobile security solutions.
- Utilize our mobile security vendors and tools to drive proactive security measures, ensuring optimal configuration, monitoring, and maintenance to safeguard our mobile applications.
- Oversee the deployment, integration, and ongoing support of mobile security tools, ensuring they are effectively utilized and updated.
- Provide technical leadership in securing mobile applications and infrastructure, ensuring compliance with industry standards and best practices.
- Manage the lifecycle of mobile security tools, including planning and executing upgrades to maintain optimal performance and security.
- Work closely with cross-functional teams to enhance security awareness, provide training, and ensure adherence to security protocols. Additionally, serve as a key feedback conduit to the mobile binary scanning team, risk management, and source scanning teams, ensuring continuous improvements in security posture and alignment with organizational security strategies.
- Utilize our mobile security vendors and tools to drive proactive security measures, ensuring optimal configuration, monitoring, and maintenance to safeguard our mobile applications.
- Oversee the deployment, integration, and ongoing support of mobile security tools, ensuring they are effectively utilized and updated.
- Provide technical leadership in securing mobile applications and infrastructure, ensuring compliance with industry standards and best practices.
- Manage the lifecycle of mobile security tools, including planning and executing upgrades to maintain optimal performance and security.
- Work closely with cross-functional teams to enhance security awareness, provide training, and ensure adherence to security protocols. Additionally, serve as a key feedback conduit to the mobile binary scanning team, risk management, and source scanning teams, ensuring continuous improvements in security posture and alignment with organizational security strategies.
Reverse Engineer - Android*
A Cybersecurity Firm
$90,000 - $120,000 a year
Required Qualifications & Skills
- Associate's, Bachelor's, or Master's degree in Computer Science or a related discipline (preferred)
- 3-5 years of hands-on experience with Android and reverse engineering
- In-depth understanding of Android internals and the ability to read, comprehend, and analyze source code software
- Familiarity with reverse engineering tools such as Jadx, Ghidra, Frida, IDA Pro, and Burp to perform binary and APK analysis
- 3-5 years of hands-on experience with Android and reverse engineering
- In-depth understanding of Android internals and the ability to read, comprehend, and analyze source code software
- Familiarity with reverse engineering tools such as Jadx, Ghidra, Frida, IDA Pro, and Burp to perform binary and APK analysis
Key Responsibilities
As a dedicated and collaborative Android Malware Reverse Engineer, you will conduct reverse engineering, security assessments, and code reviews. You will also conduct and assist with complex decompilation, unpacking, code review, and malicious mobile software reviews. The goal of the work is to identify families of malware and act on apps at scale.
To give you an idea of how this Reverse Engineer Malware Analysis - Android role would look and feel, here are some things you could expect to do:
- Review malicious applications and SDKs by analyzing, unpacking, and reverse engineering software that compromises Android devices
- Review security policy violations, vulnerabilities, or improper coding practices
- Research threats like APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
To give you an idea of how this Reverse Engineer Malware Analysis - Android role would look and feel, here are some things you could expect to do:
- Review malicious applications and SDKs by analyzing, unpacking, and reverse engineering software that compromises Android devices
- Review security policy violations, vulnerabilities, or improper coding practices
- Research threats like APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
Android Mobile Reverse Engineer*
An IT Consulting Firm
$100,000 - $150,000 a year
Required Qualifications & Skills
- Proficiency in Android app development
- Expertise in reverse engineering tools
- Knowledge of Android internals
- Strong debugging and analysis skills
- Familiarity with encryption and obfuscation techniques
- Ability to work with disassemblers and debuggers
Desired Qualifications:
- Experience with Android emulator tools
- Familiarity with mobile penetration testing
- Experience with static and dynamic analysis tools
- Knowledge of security exploits in mobile apps
- Ability to develop custom reverse engineering scripts
- Strong communication and reporting abilities
- Expertise in reverse engineering tools
- Knowledge of Android internals
- Strong debugging and analysis skills
- Familiarity with encryption and obfuscation techniques
- Ability to work with disassemblers and debuggers
Desired Qualifications:
- Experience with Android emulator tools
- Familiarity with mobile penetration testing
- Experience with static and dynamic analysis tools
- Knowledge of security exploits in mobile apps
- Ability to develop custom reverse engineering scripts
- Strong communication and reporting abilities
Key Responsibilities
- Analyze Android applications for vulnerabilities
- Deconstruct mobile application code
- Identify and mitigate security risks
- Reverse engineer mobile app binaries
- Conduct security audits on Android systems
- Document findings and create reports
- Deconstruct mobile application code
- Identify and mitigate security risks
- Reverse engineer mobile app binaries
- Conduct security audits on Android systems
- Document findings and create reports
Mobile Implant Software Engineer*
A Cyber-Risk Consulting Firm
$114,000 - $180,000 a year
Required Qualifications & Skills
- Proven experience in CNO and software development, particularly in support of DoD and Intelligence community customers
- Demonstrated ability to perform advanced research and development on embedded systems, Linux, and iOS platforms
- Strong understanding of network protocols and experience in implementing support for TCP, UDP, and TLS
- Experience in designing, developing, and integrating modular cyber capabilities
- Proficiency in using and integrating CI/CD tools and practices
- Excellent problem-solving skills and the ability to design novel solutions to complex security challenges
- Strong leadership skills with the ability to guide and mentor development teams
- Programming Languages: C, C++, Python, Java, x86 Assembly, MIPS Assembly, Microblaze Assembly, ARM Assembly, ARM64 Assembly, VHDL, Verilog, XML, JSON, HTML
- Tools and Technologies: LLDB/LLVM, IDA Pro, Immunity Debugger, Immunity Canvas, Eclipse, Git, Subversion, Embedded Systems, FPGAs, Docker, Intel Performance Primitives (IPP), High Performance Computing (HPC), REDHAWK, OmniORB CORBA, Software Defined Radios (SDR), Signal Processing, MySQL, PostgreSQL, JDBC, Django, ActiveMQ, Jpype, Pyxb, STOMP
- Demonstrated ability to perform advanced research and development on embedded systems, Linux, and iOS platforms
- Strong understanding of network protocols and experience in implementing support for TCP, UDP, and TLS
- Experience in designing, developing, and integrating modular cyber capabilities
- Proficiency in using and integrating CI/CD tools and practices
- Excellent problem-solving skills and the ability to design novel solutions to complex security challenges
- Strong leadership skills with the ability to guide and mentor development teams
- Programming Languages: C, C++, Python, Java, x86 Assembly, MIPS Assembly, Microblaze Assembly, ARM Assembly, ARM64 Assembly, VHDL, Verilog, XML, JSON, HTML
- Tools and Technologies: LLDB/LLVM, IDA Pro, Immunity Debugger, Immunity Canvas, Eclipse, Git, Subversion, Embedded Systems, FPGAs, Docker, Intel Performance Primitives (IPP), High Performance Computing (HPC), REDHAWK, OmniORB CORBA, Software Defined Radios (SDR), Signal Processing, MySQL, PostgreSQL, JDBC, Django, ActiveMQ, Jpype, Pyxb, STOMP
Key Responsibilities
- Lead research and development projects focused on mobile vulnerabilities and cyber operations
- Design and implement innovative solutions to address operational security challenges
- Architect and develop flexible, modular cyber capabilities in C, C++, and Python
- Triage and analyze public software vulnerabilities (CVEs) for security concerns
- Provide technical support and custom solutions to high-priority customer needs
- Design and develop new client/server data distribution tools
- Implement support for multiple network protocols, including TCP, UDP, and TLS
- Create custom build systems and ensure portability using Docker
- Integrate new projects with CI/CD services to streamline development processes
- Generate and maintain unit tests to enhance the reliability of client/server applications
- Guide the development team in adhering to industry software engineering standards and best practices
- Design and implement innovative solutions to address operational security challenges
- Architect and develop flexible, modular cyber capabilities in C, C++, and Python
- Triage and analyze public software vulnerabilities (CVEs) for security concerns
- Provide technical support and custom solutions to high-priority customer needs
- Design and develop new client/server data distribution tools
- Implement support for multiple network protocols, including TCP, UDP, and TLS
- Create custom build systems and ensure portability using Docker
- Integrate new projects with CI/CD services to streamline development processes
- Generate and maintain unit tests to enhance the reliability of client/server applications
- Guide the development team in adhering to industry software engineering standards and best practices
iOS Vulnerability Engineer (Software)*
An IT Consulting Firm
$120,000 - $170,000 a year
Required Qualifications & Skills
- Strong knowledge of iOS internals
- Proficiency in reverse engineering tools
- Expertise in static and dynamic code analysis
- Familiarity with secure coding practices
- Proficiency in iOS development tools (e.g., Xcode)
- Ability to exploit and remediate vulnerabilities
Desired skills:
- Knowledge of ARM assembly
- Experience with fuzz testing methodologies
- Familiarity with jailbreak development
- Understanding of malware analysis techniques
- Expertise in cryptographic protocols
- Proficiency in scripting for automation (e.g., Python)
- Proficiency in reverse engineering tools
- Expertise in static and dynamic code analysis
- Familiarity with secure coding practices
- Proficiency in iOS development tools (e.g., Xcode)
- Ability to exploit and remediate vulnerabilities
Desired skills:
- Knowledge of ARM assembly
- Experience with fuzz testing methodologies
- Familiarity with jailbreak development
- Understanding of malware analysis techniques
- Expertise in cryptographic protocols
- Proficiency in scripting for automation (e.g., Python)
Key Responsibilities
- Identify and analyze iOS vulnerabilities
- Develop mitigation strategies for discovered issues
- Conduct security assessments of iOS applications
- Perform reverse engineering of iOS binaries
- Collaborate with development teams to improve software security
- Document findings and recommend improvements
- Develop mitigation strategies for discovered issues
- Conduct security assessments of iOS applications
- Perform reverse engineering of iOS binaries
- Collaborate with development teams to improve software security
- Document findings and recommend improvements