Terms and Conditions
This agreement applies as between you, the User of this Website and 8kSec LLC, the owner(s) of this Website. Your agreement to comply with and be bound by Clauses 1, 2, 4 – 9 and 13 – 23 of these Terms and Conditions is deemed to occur upon your first use of the Website. Clauses 3 and 10 – 12 apply only to the sale of Services. If you do not agree to be bound by these Terms and Conditions, you should stop using the Website immediately.
No part of this Website is intended to constitute a contractual offer capable of acceptance. Your order constitutes a contractual offer and Our acceptance of that offer is deemed to occur upon Our sending a confirmation email to you indicating that your order has been accepted.
No part of this Website is intended to constitute a contractual offer capable of acceptance. Your order constitutes a contractual offer and Our acceptance of that offer is deemed to occur upon Our sending a confirmation email to you indicating that your order has been accepted.
1. Definitions and Interpretation
In this Agreement the following terms shall have the following meanings:
"Account": means collectively the personal information, Payment Information and credentials used by Users to access Paid Content and / or any communications System on the Website;
"Content": means any text, graphics, images, audio, video, software, data compilations and any other form of information capable of being stored in a computer that appears on or forms part of this Website;
"Facilities": means collectively any online facilities, tools, services or information that 8kSec LLC makes available through the Website either now or in the future;
"Services": means the services available to you through this Website, specifically use of the 8kSec LLC proprietary e-learning platform;
"Payment Information": means any details required for the purchase of Services from this Website. This includes, but is not limited to, credit / debit card numbers, bank account numbers and sort codes;
"System": means any online communications infrastructure that 8kSec LLC makes available through the Website either now or in the future. This includes, but is not limited to, web-based email, message boards, live chat facilities and email links;
"System": means any online communications infrastructure that 8kSec LLC makes available through the Website either now or in the future. This includes, but is not limited to, web-based email, message boards, live chat facilities and email links;
"User" / "Users": means any third party that accesses the Website and is not employed by 8kSec LLC Ltd and acting in the course of their employment;
"Website": means the website that you are currently using (academy.8ksec.io) and any sub-domains of this site unless expressly excluded by their own terms and conditions; and
"We/Us/Our": means 8kSec LLC.
2. Age Restrictions
Persons under the age of 18 should use this Website only with the supervision of an Adult. Payment Information must be provided by or with the permission of an Adult.
3. Business Customers
These Terms and Conditions also apply to customers procuring Services in the course of business.
4. Intellectual Property
- 4.1 Subject to the exceptions in Clause 5 of these Terms and Conditions, all Content included on the Website, unless uploaded by Users, including, but not limited to, text, graphics, logos, icons, images, sound clips, video clips, data compilations, page layout, underlying code and software is the property of 8kSec LLC, our affiliates or other relevant third parties. By continuing to use the Website you acknowledge that such material is protected by applicable United States and International intellectual property and other laws.
- 4.2 You may not reproduce, copy, distribute, store or in any other fashion re-use material from the Website unless otherwise indicated on the Website or unless given Our express written permission to do so.
5. Third Party Intellectual Property
- 5.1 Unless otherwise expressly indicated, all Intellectual Property rights including, but not limited to, Copyright and Trademarks, in product images and descriptions belong to the manufacturers or distributors of such products as may be applicable.
- 5.2 You may not reproduce, copy, distribute, store or in any other fashion re-use such material unless otherwise indicated on the Website or unless given express written permission to do so by the relevant manufacturer or supplier.
6. Links to Other Websites
This Website may contain links to other sites. Unless expressly stated, these sites are not under the control of 8kSec LLC or that of Our affiliates. We assume no responsibility for the content of such websites and disclaim liability for any and all forms of loss or damage arising out of the use of them. The inclusion of a link to another site on this Website does not imply any endorsement of the sites themselves or of those in control of them.
7. Use of Communications Facilities
- 7.1 When using any System on the Website you should do so in accordance with the following rules. Failure to comply with these rules may result in your Account being suspended or closed:
- 7.1.1 You must not use obscene or vulgar language;
- 7.1.2 You must not submit Content that is unlawful or otherwise objectionable. This includes, but is not limited to, Content that is abusive, threatening, harassing, defamatory, ageist, sexist or racist;
- 7.1.3 You must not submit Content that is intended to promote or incite violence;
- 7.1.4 It is advised that submissions are made using the English language as We may be unable to respond to enquiries submitted in any other languages;
- 7.1.5 The means by which you identify yourself must not violate these Terms and Conditions or any applicable laws;
- 7.1.6 You must not impersonate other people, particularly employees and representatives of 8kSec LLC or Our affiliates; and
- 7.1.7 You must not use Our System for unauthorised mass-communication such as "spam" or "junk mail".
- 7.2 You acknowledge that 8kSec LLC reserves the right to monitor any and all communications made to Us or using Our System.
- 7.3 You acknowledge that 8kSec LLC may retain copies of any and all communications made to Us or using Our System.
- 7.4 You acknowledge that any information you send to Us through Our System may be modified by Us in any way and you hereby waive your moral right to be identified as the author of such information. Any restrictions you may wish to place upon Our use of such information must be communicated to Us in advance and We reserve the right to reject such terms and associated information.
8. Accounts
- 8.1 In order to procure Services on this Website and to use certain other parts of the System, you are required to create an Account which will contain certain personal details and Payment Information which may vary based upon your use of the Website as We may not require payment information until you wish to make a purchase. By continuing to use this Websiteyou represent and warrant that:
- 8.1.1 all information you submit is accurate and truthful;
- 8.1.2 you have permission to submit Payment Information where permission may be required; and
- 8.1.3 you will keep this information accurate and up-to-date. Your creation of an Account is further affirmation of your representation and warranty.
- 8.2 It is recommended that you do not share your Account details, particularly your username and password. We accept no liability for any losses or damages incurred as a result of your Account details being shared by you. If you use a shared computer, it is recommended that you do not save your Account details in your internet browser.
- 8.3 If you have reason to believe that your Account details have been obtained by another person without consent, you should contact Us immediately to suspend your Account and cancel any unauthorised orders or payments that may be pending. Please be aware that orders or payments can only be cancelled up until provision of Services has commenced. In the event that an unauthorised provision commences prior to your notifying Us of the unauthorised nature of the order or payment then you shall be charged for the period from the commencement of the provision of services until the date you notified us and may be charged for a billing cycle of one month.
- 8.4 When choosing your username you are required to adhere to the terms set out above in Clause 7. Any failure to do so could result in the suspension and/or deletion of your Account.
9. Termination and Cancellation of Accounts
- 9.1 Either 8kSec LLC or you may terminate your Account. If We terminate your Account, you will be notified by email and an explanation for the termination will be provided. Notwithstanding the foregoing, We reserve the right to terminate without giving reasons.
- 9.2 If We terminate your Account, any current or pending orders or payments on your Account will be cancelled and provision of Services will not commence.
10. Services, Pricing and Availability
- 10.1 Whilst every effort has been made to ensure that all general descriptions of Services available from 8kSec LLC correspond to the actual Services that will be provided to you, We are not responsible for any variations from these descriptions as the exact nature of the Services may vary depending on your individual requirements and circumstances. This does not exclude Our liability for mistakes due to negligence on Our part and refers only to variations of the correct Services, not different Services altogether.
- 10.2 Where appropriate, you may be required to select the required Plan of Services.
- 10.3 We neither represent nor warrant that such Services will be available at all times and cannot necessarily confirm availability until confirming your Order. Availability indications are not provided on the Website.
- 10.4 All pricing information on the Website is correct at the time of going online. We reserve the right to change prices and alter or remove any special offers from time to time and as necessary.
- 10.5 In the event that prices are changed during the period between an order being placed for Services and Us processing that order and taking payment, then the price that was valid at the time of the order shall be used.
11. Orders and Provision of Services
- 11.1 No part of this Website constitutes a contractual offer capable of acceptance. Your order constitutes a contractual offer that We may, at Our sole discretion, accept. Our acceptance is indicated by Us sending to you an order confirmation email. Only once We have sent you an order confirmation email will there be a binding contract between 8kSec LLC and you.
- 11.2 Order confirmations under sub-Clause 11.1 will be sent to you before the Services begin and shall contain the order details.
- 11.3 If We, for any reason, do not accept your order, no payment shall be taken under normal circumstances. In any event, any sums paid by you in relation to that order will be refunded within 14 calendar days.
- 11.4 Payment for the Services shall be taken via your chosen payment method, immediately for any setup fee that corresponds to the service plan you purchased and at the same day of each subsequent month (“billing cycle”) for charges accrued during the previous month (“billing cycle”) AND/OR as indicated in the order confirmation you received.
- 11.5 We aim to fulfill your Order within 2-3 working days or if not, within a reasonable period following your Order, unless there are exceptional circumstances. If we cannot fulfill your Order within a reasonable period, we will inform you at the time you place the Order by a note on the relevant web page or by contacting you directly after you place your Order. Time is not of the essence of the Contract, which means we will aim to fulfill your Order within any agreed timescales but this is not an essential term of the Contract and we will not be liable to you if we do not do so.
- 11.6 8kSec LLC shall use all Our reasonable endeavours to provide the Services with reasonable skill and care, commensurate with best trade practice.
- 11.7 In the event that Services are provided that are not in conformity with your order and thus incorrect, you should contact Us immediately to inform Us of the mistake. We will ensure that any necessary corrections are made within five (5) working days.
- 11.8 Additional terms and conditions may apply to the provision of certain Services. You will be asked to read and confirm your acceptance of any such terms and conditions when completing your Order.
- 11.9 8kSec LLC provides technical support via support@8ksec.io email. 8kSec LLC makes every effort possible to respond in a timely manner but we do not guarantee a particular response time.
12. Cancellation of Orders and Services
We are committed to providing high-quality digital courses to enhance your learning experience. If you have any questions or concerns about your purchase, please contact us via email at support@8ksec.io.
- 12.1 Waiver of Right to Cancel
By purchasing our digital courses, you expressly request and consent to the immediate supply of the digital content and acknowledge that you lose your statutory right to cancel the purchase and obtain a refund once access to the course has been granted.
- 12.2 Non-Refundable Purchases
All sales of digital courses are final and non-refundable. Once you have been granted access to the course content, cancellations, refunds, or exchanges are not permitted.
13. Privacy
Use of the Website is also governed by Our Privacy Policy (academy.8ksec.io/privacy) which is incorporated into these Terms and Conditions by this reference. To view the Privacy Policy, please click on the link above.
14. How We Use Your Personal Information (Data Protection)
- 14.1 All personal information that We may collect (including, but not limited to, your name and address) will be collected, used and held in accordance with the provisions of the Data Protection Act 1998 and your rights under that Act.
- 14.2 We may use your personal information to:
- 14.2.1 Provide Our Services to you;
- 14.2.2 Process your payment for the Services; and
- 14.2.3 Inform you of new products and services available from Us. You may request that We stop sending you this information at any time.
- 14.3 In certain circumstances (if, for example, you wish to purchase Services on credit), and with your consent, We may pass your personal information on to credit reference agencies. These agencies are also bound by the Data Protection Act 1998 and should use and hold your personal information accordingly.
- 14.4 We will not pass on your personal information to any other third parties without first obtaining your express permission.
15. Disclaimers
- 15.1 We make no warranty or representation that the Website will meet your requirements, that it will be of satisfactory quality, that it will be fit for a particular purpose, that it will not infringe the rights of third parties, that it will be compatible with all systems, that it will be secure and that all information provided will be accurate. We make no guarantee of any specific results from the use of our Service or Services.
- 15.2 No part of this Website is intended to constitute advice and the Content of this Website should not be relied upon when making any decisions or taking any action of any kind.
- 15.3 No part of this Website is intended to constitute a contractual offer capable of acceptance.
- 15.4 Whilst We use reasonable endeavours to ensure that the Website is secure and free of errors, viruses and other malware, you are strongly advised to take responsibility for your own internet security, that of your personal details and your computers.
16. Changes to the Facilities and these Terms and Conditions
We reserve the right to change the Website, its Content or these Terms and Conditions at any time. You will be bound by any changes to the Terms and Conditions from the first time you use the Website following the changes. If We are required to make any changes to these Terms and Conditions by law, these changes will apply automatically to any orders currently pending in addition to any orders placed by you in the future.
17. Availability of the Website
- 17.1 The Website is provided “as is” and on an “as available” basis. 8kSec LLC uses industry best practices to provide a high uptime, including a fault-tolerant architecture hosted in cloud servers. We give no warranty that the Website or Facilities will be free of defects and / or faults and we do not provide any kind of refund for outages. We provide no warranties (express or implied) of fitness for a particular purpose, accuracy of information, compatibility and satisfactory quality.
- 17.2 We accept no liability for any disruption or non-availability of the Website resulting from external causes including, but not limited to, ISP equipment failure, host equipment failure, communications network failure, power failure, natural events, acts of war or legal restrictions and censorship.
18. Limitation of Liability
- 18.1 To the maximum extent permitted by law, We accept no liability for any direct or indirect loss or damage, foreseeable or otherwise, including any indirect, consequential, special or exemplary damages arising from the use of the Website or any information contained therein. You should be aware that you use the Website and its Content at your own risk.
- 18.2 Nothing in these Terms and Conditions excludes or restricts .
- 18.3 Nothing in these Terms and Conditions excludes or restricts 8kSec LLC's liability for any direct or indirect loss or damage arising out of the incorrect provision of Services or out of reliance on incorrect information included on the Website.
- 18.4 In the event that any of these terms are found to be unlawful, invalid or otherwise unenforceable, that term is to be deemed severed from these Terms and Conditions and shall not affect the validity and enforceability of the remaining Terms and Conditions. This term shall apply only within jurisdictions where a particular term is illegal.
19. No Waiver
In the event that any party to these Terms and Conditions fails to exercise any right or remedy contained herein, this shall not be construed as a waiver of that right or remedy.
20. Previous Terms and Conditions
In the event of any conflict between these Terms and Conditions and any prior versions thereof, the provisions of these Terms and Conditions shall prevail unless it is expressly stated otherwise.
21. Third Party Rights
Nothing in these Terms and Conditions shall confer any rights upon any third party. The agreement created by these Terms and Conditions is between you and 8kSec LLC.
22. Communications
- 22.1 All notices / communications shall be given to Us by email to support@8ksec.io. Such notice will be deemed received the day of sending if the email is received in full on a business day and on the next business day if the email is sent on a weekend or public holiday.
- 22.2 We may from time to time, if you opt to receive it, send you information about Our products and/or services. If you do not wish to receive such information, please click on the ‘Unsubscribe’ link in any email which you receive from Us.
23. Law and Jurisdiction
These Terms and Conditions and the relationship between you and 8kSec LLC shall be governed by and construed in accordance with the laws of the United States of America, and 8kSec LLC and you agree to submit to the exclusive jurisdiction of the United States of America.
At 8kSec, we Empower businesses with Cutting-Edge Mobile Security Training, Pioneering Vulnerability research, and Innovative product offerings
Copyright © 2025
FEATURED LINKS
CONNECT WITH US
-
Twitter
-
LinkedIn
Live Trainings list:
Lead Application Penetration Tester*
A Cybersecurity Testing & Consulting Firm
$150,000 - $180,000 a year
Required Qualifications & Skills
- Bachelor’s degree in Computer Science, Software Engineering, or related field, or equivalent job experience
- Thorough security testing of developer workflows and mobile applications (iPhone and Android), including identification of security issues and vulnerabilities
- Proficiency in multiple programming languages and understanding of secure coding practices
- In-depth source code reviews to identify security flaws or weaknesses that could be exploited in software applications
- Detailed assessments and compilation of findings into reports for further review and action
- Experience with tools like Burp Suite Pro, Checkmarx, Corellium, Synopsys, Acunetix, VeraCode, SAST & DAST Tools, Plextrac, Cloud security (AWS / Azure / Oracle), Postman, SmartBear ReadyAPI, SoapUI, and Hashicorp Vault
Key Responsibilities
- Team Leadership: Lead and mentor penetration testers, ensuring high-quality security assessments
- Mobile & DevOps Security: Conduct security testing of mobile apps (iOS/Android) and integrate security into DevOps pipelines
- Code & Penetration Testing: Perform source code reviews and comprehensive web/mobile penetration testing
- Reporting & Collaboration: Document findings in detailed reports and collaborate with development teams for remediation
- Offensive Security: Execute red team exercises and offensive security operations
- Security Strategy: Develop and implement security testing strategies and best practices
- Global Collaboration: Work with global teams to secure applications
- Automation: Automate security testing within CI/CD pipelines
iOS Application Security Engineer*
A Cyber-Risk Consulting Firm
$150,000 - $200,000 a year
Required Qualifications & Skills
- Bachelor’s degree in Computer Science, Information Security, or a related field, or 5+ years in mobile application development
- Proficiency in iOS frameworks (UIKit, Core Data) and Android frameworks
- In-depth knowledge of mobile security vulnerabilities (OWASP Mobile Top 10) and remediation techniques
- Familiarity with mobile security testing tools (e.g., MobSF, Drozer, Burp Suite, OWASP ZAP)
- Extensive experience in iOS application development using Swift/Objective-C, ideally also knowledge of Android (Java/Kotlin) security
- Strong understanding of cryptography principles, secure data storage, and key management
- Experience with mobile reverse engineering tools such as Frida
- Knowledge of App Store and Google Play Store compliance requirements
- Familiarity with advanced encryption techniques and secure app distribution
- Proficiency in iOS frameworks (UIKit, Core Data) and Android frameworks
- In-depth knowledge of mobile security vulnerabilities (OWASP Mobile Top 10) and remediation techniques
- Familiarity with mobile security testing tools (e.g., MobSF, Drozer, Burp Suite, OWASP ZAP)
- Extensive experience in iOS application development using Swift/Objective-C, ideally also knowledge of Android (Java/Kotlin) security
- Strong understanding of cryptography principles, secure data storage, and key management
- Experience with mobile reverse engineering tools such as Frida
- Knowledge of App Store and Google Play Store compliance requirements
- Familiarity with advanced encryption techniques and secure app distribution
Key Responsibilities
- Secure Mobile Development: Implement secure coding practices (Swift/Objective-C, Kotlin/Java) and ensure secure data handling
- Security Architecture & Threat Modeling: Design secure architectures, perform threat modeling, and ensure compliance (OWASP, PCI DSS, NIST)
- Code Reviews & Auditing: Conduct code reviews, participate in security audits, and perform SAST/DAST
- Vulnerability Management & Penetration Testing: Manage vulnerabilities, conduct penetration tests, and analyze threats
- Security Architecture & Threat Modeling: Design secure architectures, perform threat modeling, and ensure compliance (OWASP, PCI DSS, NIST)
- Code Reviews & Auditing: Conduct code reviews, participate in security audits, and perform SAST/DAST
- Vulnerability Management & Penetration Testing: Manage vulnerabilities, conduct penetration tests, and analyze threats
- API Security & Compliance: Secure API integrations and ensure compliance with app store guidelines
- Collaboration & Incident Response: Collaborate with teams and respond to security incidents
Specialist, Offensive Android Security*
A Tech Giant Company
$151,200 - $207,500 a year
Required Qualifications & Skills
- Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent combination of education training and experience
- Proficiency in tools for kernel debugging, fuzzing, and penetration testing
- Experience with reverse engineering tools (e.g., IDA Pro & Ghidra), debugging tools (e.g., JTAG/SWD)
- 5+ years of experience in system-level penetration testing and vulnerability research
- Strong knowledge of low-level programming languages such as C and Assembly
- Proficiency in tools for kernel debugging, fuzzing, and penetration testing
- Experience with reverse engineering tools (e.g., IDA Pro & Ghidra), debugging tools (e.g., JTAG/SWD)
- 5+ years of experience in system-level penetration testing and vulnerability research
- Strong knowledge of low-level programming languages such as C and Assembly
Key Responsibilities
- Identify trends in kernel and device driver attacks and conduct in-depth research on emerging threats
- Conduct reverse engineering and Secure OS architecture analysis
Develop automated vulnerability discovery and analysis tools, such as fuzzing tools
- Perform penetration testing on OS components, including TEE, bootloader, and kernel
- Research and test the latest exploit trends, developing Proof of Concept attacks and advanced exploits (0-day, 1-day)
- Conduct in-depth root cause analysis to understand and mitigate system vulnerabilities
Kernel Security Researcher*
A Tech Giant Company
$143,100 - $264,200 a year
Required Qualifications & Skills
- Background in kernel and low level systems technologies
- Background in secure coding and code auditing
- Knowledge of modern anti-exploitation mitigations and their effectiveness
- Programming background in C, C++, and Python
Preferred Qualifications:
- Knowledge of macOS and iOS security architectures
- Background in secure coding and code auditing
- Knowledge of modern anti-exploitation mitigations and their effectiveness
- Programming background in C, C++, and Python
Preferred Qualifications:
- Knowledge of macOS and iOS security architectures
- Experience of software exploitation
- Knowledge of memory safe languages
- Proficiency with assembly languages, particularly ARM64, is a big plus
Key Responsibilities
Your responsibilities will include enhancing the security of our products to make them the most secure in the industry, evaluating security-critical code, developing intelligent automated tools for vulnerability detection, building exploits to test mitigation techniques, providing security-focused consultations on key technologies to partner teams, and driving the design and development of new mitigation strategies. This position may require some travel to our other sites, vendors, and security conferences.
Mobile Reverse Engineer*
An IT Services Firm
$88,200 - $195,200 a year
Required Qualifications & Skills
- Bachelor’s degree
- 5+ yrs experience in mobile software reverse engineering
- Experience with Windows, Linux, Android, OS X, and iOS operating system & architecture
- Experience in computer or cell phone architecture, system internals, operating systems, and/or boot process software engineering
Experience with static analysis tools such as IDA Pro, Ghidra and Binary Ninja
- Experience with debugging tools such as WinDbg
- Experience with virtualization, sandboxing, and emulation tools like VMware, KVM, QEMU and others
- Working knowledge of programming languages such as C, C++, .NET, Python, Java, etc.
- Experience debugging mobile application memory and performance issues
Preferred:
- Experience requiring a deep knowledge of Android and a strong passion in mobile industry and mobile development
- Experience developing/designing mobile phone platforms highly desired
- Experience in wireless API's (Wi-Fi, Bluetooth) preferred
- Engineer software scripts in C, C++, and Java with emphasis on prototyping and API extraction
- 5+ yrs experience in mobile software reverse engineering
- Experience with Windows, Linux, Android, OS X, and iOS operating system & architecture
- Experience in computer or cell phone architecture, system internals, operating systems, and/or boot process software engineering
Experience with static analysis tools such as IDA Pro, Ghidra and Binary Ninja
- Experience with debugging tools such as WinDbg
- Experience with virtualization, sandboxing, and emulation tools like VMware, KVM, QEMU and others
- Working knowledge of programming languages such as C, C++, .NET, Python, Java, etc.
- Experience debugging mobile application memory and performance issues
Preferred:
- Experience requiring a deep knowledge of Android and a strong passion in mobile industry and mobile development
- Experience developing/designing mobile phone platforms highly desired
- Experience in wireless API's (Wi-Fi, Bluetooth) preferred
- Engineer software scripts in C, C++, and Java with emphasis on prototyping and API extraction
Key Responsibilities
- Provide malicious code reverse engineering to isolate, review, analyze, and reverse-engineer potentially malicious programs recovered from compromised computer systems and networks
- Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits
- Research behavior of binaries and share detailed understanding of how apps behave at memory/register level in support of technical exploitation operations
- Support efforts to design, prototype, document, test, conduct exploitation automation and transition code analysis methods and tools specific to technical exploitation operations
- Research new trends, techniques, and packaging of malicious software to stay current and ready to identify and handle zero-day exploits
- Research behavior of binaries and share detailed understanding of how apps behave at memory/register level in support of technical exploitation operations
- Support efforts to design, prototype, document, test, conduct exploitation automation and transition code analysis methods and tools specific to technical exploitation operations
Senior Lead Security Engineer - Mobile*
A Global Banking Corporation
$147,700 - $190,000 a year
Required Qualifications & Skills
- Formal training or certification on Mobile Development concepts and 5+ years applied experience
- Strong understanding of mobile application security risks and mitigation strategies for both Android and iOS platforms
- Experience in implementing or managing mobile security operations
- Familiarity with CI/CD pipelines, DevSecOps methodologies, and secure software development practices
- Ability to collaborate with development teams on security functions & resolutions
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Strong collaboration and communication skills are essential for working effectively with teams on security implementations
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for future state architecture & enterprise integrations
- Proven experience leading projects from scoping to delivery
- Strong understanding of mobile application security risks and mitigation strategies for both Android and iOS platforms
- Experience in implementing or managing mobile security operations
- Familiarity with CI/CD pipelines, DevSecOps methodologies, and secure software development practices
- Ability to collaborate with development teams on security functions & resolutions
- Hands-on practical experience delivering enterprise level cybersecurity solutions and controls
- Strong collaboration and communication skills are essential for working effectively with teams on security implementations
- Ability to evaluate current and emerging technologies to select or recommend the best solutions for future state architecture & enterprise integrations
- Proven experience leading projects from scoping to delivery
Key Responsibilities
- Working closely with in-house mobile development teams, providing guidance on secure coding practices, threat mitigation strategies, and optimal use of mobile security solutions.
- Utilize our mobile security vendors and tools to drive proactive security measures, ensuring optimal configuration, monitoring, and maintenance to safeguard our mobile applications.
- Oversee the deployment, integration, and ongoing support of mobile security tools, ensuring they are effectively utilized and updated.
- Provide technical leadership in securing mobile applications and infrastructure, ensuring compliance with industry standards and best practices.
- Manage the lifecycle of mobile security tools, including planning and executing upgrades to maintain optimal performance and security.
- Work closely with cross-functional teams to enhance security awareness, provide training, and ensure adherence to security protocols. Additionally, serve as a key feedback conduit to the mobile binary scanning team, risk management, and source scanning teams, ensuring continuous improvements in security posture and alignment with organizational security strategies.
- Utilize our mobile security vendors and tools to drive proactive security measures, ensuring optimal configuration, monitoring, and maintenance to safeguard our mobile applications.
- Oversee the deployment, integration, and ongoing support of mobile security tools, ensuring they are effectively utilized and updated.
- Provide technical leadership in securing mobile applications and infrastructure, ensuring compliance with industry standards and best practices.
- Manage the lifecycle of mobile security tools, including planning and executing upgrades to maintain optimal performance and security.
- Work closely with cross-functional teams to enhance security awareness, provide training, and ensure adherence to security protocols. Additionally, serve as a key feedback conduit to the mobile binary scanning team, risk management, and source scanning teams, ensuring continuous improvements in security posture and alignment with organizational security strategies.
Reverse Engineer - Android*
A Cybersecurity Firm
$90,000 - $120,000 a year
Required Qualifications & Skills
- Associate's, Bachelor's, or Master's degree in Computer Science or a related discipline (preferred)
- 3-5 years of hands-on experience with Android and reverse engineering
- In-depth understanding of Android internals and the ability to read, comprehend, and analyze source code software
- Familiarity with reverse engineering tools such as Jadx, Ghidra, Frida, IDA Pro, and Burp to perform binary and APK analysis
- 3-5 years of hands-on experience with Android and reverse engineering
- In-depth understanding of Android internals and the ability to read, comprehend, and analyze source code software
- Familiarity with reverse engineering tools such as Jadx, Ghidra, Frida, IDA Pro, and Burp to perform binary and APK analysis
Key Responsibilities
As a dedicated and collaborative Android Malware Reverse Engineer, you will conduct reverse engineering, security assessments, and code reviews. You will also conduct and assist with complex decompilation, unpacking, code review, and malicious mobile software reviews. The goal of the work is to identify families of malware and act on apps at scale.
To give you an idea of how this Reverse Engineer Malware Analysis - Android role would look and feel, here are some things you could expect to do:
- Review malicious applications and SDKs by analyzing, unpacking, and reverse engineering software that compromises Android devices
- Review security policy violations, vulnerabilities, or improper coding practices
- Research threats like APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
To give you an idea of how this Reverse Engineer Malware Analysis - Android role would look and feel, here are some things you could expect to do:
- Review malicious applications and SDKs by analyzing, unpacking, and reverse engineering software that compromises Android devices
- Review security policy violations, vulnerabilities, or improper coding practices
- Research threats like APT using Open-Source Intelligence (Virus Total, Web, ExploitDB, MITRE, etc.)
Android Mobile Reverse Engineer*
An IT Consulting Firm
$100,000 - $150,000 a year
Required Qualifications & Skills
- Proficiency in Android app development
- Expertise in reverse engineering tools
- Knowledge of Android internals
- Strong debugging and analysis skills
- Familiarity with encryption and obfuscation techniques
- Ability to work with disassemblers and debuggers
Desired Qualifications:
- Experience with Android emulator tools
- Familiarity with mobile penetration testing
- Experience with static and dynamic analysis tools
- Knowledge of security exploits in mobile apps
- Ability to develop custom reverse engineering scripts
- Strong communication and reporting abilities
- Expertise in reverse engineering tools
- Knowledge of Android internals
- Strong debugging and analysis skills
- Familiarity with encryption and obfuscation techniques
- Ability to work with disassemblers and debuggers
Desired Qualifications:
- Experience with Android emulator tools
- Familiarity with mobile penetration testing
- Experience with static and dynamic analysis tools
- Knowledge of security exploits in mobile apps
- Ability to develop custom reverse engineering scripts
- Strong communication and reporting abilities
Key Responsibilities
- Analyze Android applications for vulnerabilities
- Deconstruct mobile application code
- Identify and mitigate security risks
- Reverse engineer mobile app binaries
- Conduct security audits on Android systems
- Document findings and create reports
- Deconstruct mobile application code
- Identify and mitigate security risks
- Reverse engineer mobile app binaries
- Conduct security audits on Android systems
- Document findings and create reports
Mobile Implant Software Engineer*
A Cyber-Risk Consulting Firm
$114,000 - $180,000 a year
Required Qualifications & Skills
- Proven experience in CNO and software development, particularly in support of DoD and Intelligence community customers
- Demonstrated ability to perform advanced research and development on embedded systems, Linux, and iOS platforms
- Strong understanding of network protocols and experience in implementing support for TCP, UDP, and TLS
- Experience in designing, developing, and integrating modular cyber capabilities
- Proficiency in using and integrating CI/CD tools and practices
- Excellent problem-solving skills and the ability to design novel solutions to complex security challenges
- Strong leadership skills with the ability to guide and mentor development teams
- Programming Languages: C, C++, Python, Java, x86 Assembly, MIPS Assembly, Microblaze Assembly, ARM Assembly, ARM64 Assembly, VHDL, Verilog, XML, JSON, HTML
- Tools and Technologies: LLDB/LLVM, IDA Pro, Immunity Debugger, Immunity Canvas, Eclipse, Git, Subversion, Embedded Systems, FPGAs, Docker, Intel Performance Primitives (IPP), High Performance Computing (HPC), REDHAWK, OmniORB CORBA, Software Defined Radios (SDR), Signal Processing, MySQL, PostgreSQL, JDBC, Django, ActiveMQ, Jpype, Pyxb, STOMP
- Demonstrated ability to perform advanced research and development on embedded systems, Linux, and iOS platforms
- Strong understanding of network protocols and experience in implementing support for TCP, UDP, and TLS
- Experience in designing, developing, and integrating modular cyber capabilities
- Proficiency in using and integrating CI/CD tools and practices
- Excellent problem-solving skills and the ability to design novel solutions to complex security challenges
- Strong leadership skills with the ability to guide and mentor development teams
- Programming Languages: C, C++, Python, Java, x86 Assembly, MIPS Assembly, Microblaze Assembly, ARM Assembly, ARM64 Assembly, VHDL, Verilog, XML, JSON, HTML
- Tools and Technologies: LLDB/LLVM, IDA Pro, Immunity Debugger, Immunity Canvas, Eclipse, Git, Subversion, Embedded Systems, FPGAs, Docker, Intel Performance Primitives (IPP), High Performance Computing (HPC), REDHAWK, OmniORB CORBA, Software Defined Radios (SDR), Signal Processing, MySQL, PostgreSQL, JDBC, Django, ActiveMQ, Jpype, Pyxb, STOMP
Key Responsibilities
- Lead research and development projects focused on mobile vulnerabilities and cyber operations
- Design and implement innovative solutions to address operational security challenges
- Architect and develop flexible, modular cyber capabilities in C, C++, and Python
- Triage and analyze public software vulnerabilities (CVEs) for security concerns
- Provide technical support and custom solutions to high-priority customer needs
- Design and develop new client/server data distribution tools
- Implement support for multiple network protocols, including TCP, UDP, and TLS
- Create custom build systems and ensure portability using Docker
- Integrate new projects with CI/CD services to streamline development processes
- Generate and maintain unit tests to enhance the reliability of client/server applications
- Guide the development team in adhering to industry software engineering standards and best practices
- Design and implement innovative solutions to address operational security challenges
- Architect and develop flexible, modular cyber capabilities in C, C++, and Python
- Triage and analyze public software vulnerabilities (CVEs) for security concerns
- Provide technical support and custom solutions to high-priority customer needs
- Design and develop new client/server data distribution tools
- Implement support for multiple network protocols, including TCP, UDP, and TLS
- Create custom build systems and ensure portability using Docker
- Integrate new projects with CI/CD services to streamline development processes
- Generate and maintain unit tests to enhance the reliability of client/server applications
- Guide the development team in adhering to industry software engineering standards and best practices
iOS Vulnerability Engineer (Software)*
An IT Consulting Firm
$120,000 - $170,000 a year
Required Qualifications & Skills
- Strong knowledge of iOS internals
- Proficiency in reverse engineering tools
- Expertise in static and dynamic code analysis
- Familiarity with secure coding practices
- Proficiency in iOS development tools (e.g., Xcode)
- Ability to exploit and remediate vulnerabilities
Desired skills:
- Knowledge of ARM assembly
- Experience with fuzz testing methodologies
- Familiarity with jailbreak development
- Understanding of malware analysis techniques
- Expertise in cryptographic protocols
- Proficiency in scripting for automation (e.g., Python)
- Proficiency in reverse engineering tools
- Expertise in static and dynamic code analysis
- Familiarity with secure coding practices
- Proficiency in iOS development tools (e.g., Xcode)
- Ability to exploit and remediate vulnerabilities
Desired skills:
- Knowledge of ARM assembly
- Experience with fuzz testing methodologies
- Familiarity with jailbreak development
- Understanding of malware analysis techniques
- Expertise in cryptographic protocols
- Proficiency in scripting for automation (e.g., Python)
Key Responsibilities
- Identify and analyze iOS vulnerabilities
- Develop mitigation strategies for discovered issues
- Conduct security assessments of iOS applications
- Perform reverse engineering of iOS binaries
- Collaborate with development teams to improve software security
- Document findings and recommend improvements
- Develop mitigation strategies for discovered issues
- Conduct security assessments of iOS applications
- Perform reverse engineering of iOS binaries
- Collaborate with development teams to improve software security
- Document findings and recommend improvements
Android Security Engineer*
An IT Consulting and Services Firm
$115,000 - $165,000 a year
Required Qualifications & Skills
- Reverse Engineering Fundamentals:
- Static Analysis - decompilation, dissasembly, code auditing
- Dynamic Analysis - debugging monitoring, fuzzing
- Sample Tools - IDA Pro, Ghidra, Radare2, Jadx, Fernflower, Smali, Baksmalu, ADB, JDWP, Android studio, bluestack, Frida, Wireshark, Cyberchef. HTTP interception, Yara, Snort
- Programming (Java/Kotlin, Scripting, Javascript, Encode/Decode, encryption and decryption)
- Android fundamentals (permissions, Manifest, Entry points, Broadcast receivers, exported activities, services, subclasses, Dalvik/ART Virtual machine)
- Static Analysis - decompilation, dissasembly, code auditing
- Dynamic Analysis - debugging monitoring, fuzzing
- Sample Tools - IDA Pro, Ghidra, Radare2, Jadx, Fernflower, Smali, Baksmalu, ADB, JDWP, Android studio, bluestack, Frida, Wireshark, Cyberchef. HTTP interception, Yara, Snort
- Programming (Java/Kotlin, Scripting, Javascript, Encode/Decode, encryption and decryption)
- Android fundamentals (permissions, Manifest, Entry points, Broadcast receivers, exported activities, services, subclasses, Dalvik/ART Virtual machine)
Key Responsibilities
- Reverse engineering and assessing risk and user harm from potentially harmful applications
- Conducting static and dynamic analysis
- Providing assessment and evidence to support findings
- Assessing detection and analysis gaps as well as scalable enforcement through detection rules
- Conducting static and dynamic analysis
- Providing assessment and evidence to support findings
- Assessing detection and analysis gaps as well as scalable enforcement through detection rules
Information Security Engineer (Android)*
A Large Online Media Provider
$197,000 - $291,000 a year
Required Qualifications & Skills
- Bachelor's degree or equivalent practical experience
- 8 years of experience with security assessments or security design reviews or threat modeling
- 8 years of coding experience in one or more general purpose languages
Preferred qualifications:
- Knowledge in programming languages, compilers, static and dynamic analysis techniques
- Experience in Mobile App Development and Android Apps
- Experience implementing sand-boxing infrastructure or low-level systems features and building static analysis tools, linters or compilers
- Experience with open source
- 8 years of experience with security assessments or security design reviews or threat modeling
- 8 years of coding experience in one or more general purpose languages
Preferred qualifications:
- Knowledge in programming languages, compilers, static and dynamic analysis techniques
- Experience in Mobile App Development and Android Apps
- Experience implementing sand-boxing infrastructure or low-level systems features and building static analysis tools, linters or compilers
- Experience with open source
Key Responsibilities
- Perform Android security reviews, research and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers.
- Review and develop secure operational practices, and provide security guidance for engineers and support staff
- Review designs and look for vulnerabilities, both with one-time reviews and longer term engagements
- Look for vulnerabilities with techniques including reverse engineering, fuzzing, and static analysis
- Respond to vulnerabilities with repos, mitigations, and hardening. Surface vulnerability patterns and design them out.
- Review and develop secure operational practices, and provide security guidance for engineers and support staff
- Review designs and look for vulnerabilities, both with one-time reviews and longer term engagements
- Look for vulnerabilities with techniques including reverse engineering, fuzzing, and static analysis
- Respond to vulnerabilities with repos, mitigations, and hardening. Surface vulnerability patterns and design them out.
Sr. Android Penetration Tester*
A Gobal Device Company
$130,000 - $166,000 a year
Required Qualifications & Skills
- 5+ years of penetration testing experience, including 2+ years of Android penetration testing and 1+ year of web application penetration testing
- Strong understanding of malware, phishing attacks, attack vectors, and security best practices
- Knowledge of penetration testing tools, threat modeling, and security frameworks
- Ability to conduct security research, CVE analysis, and adversary simulation
- Strong communication skills to work cross-functionally with engineering and security teams
- Experience working in corporate environments with internal penetration testing teams (preferred over agency-based consulting experience)
- Bachelor’s degree in either Cybersecurity, Computer Science, Information Security, or related field
Preferred Qualifications:
- Certifications in offensive security
- Published CVEs, blog posts, or walkthroughs on security research
- Malware development and reverse engineering experience
- Experience working in top security consulting firms or in-house red teams at major tech companies
- Hands-on experience with firmware penetration testing and IoT security.
- Strong understanding of malware, phishing attacks, attack vectors, and security best practices
- Knowledge of penetration testing tools, threat modeling, and security frameworks
- Ability to conduct security research, CVE analysis, and adversary simulation
- Strong communication skills to work cross-functionally with engineering and security teams
- Experience working in corporate environments with internal penetration testing teams (preferred over agency-based consulting experience)
- Bachelor’s degree in either Cybersecurity, Computer Science, Information Security, or related field
Preferred Qualifications:
- Certifications in offensive security
- Published CVEs, blog posts, or walkthroughs on security research
- Malware development and reverse engineering experience
- Experience working in top security consulting firms or in-house red teams at major tech companies
- Hands-on experience with firmware penetration testing and IoT security.
Key Responsibilities
- Develop expertise in our product solutions, deep diving into design/architecture, & execute white box and black box penetration scenarios
- Plan, scope and conduct vulnerability assessment/ Penetration test on internal / external facing public assets such as Web application, Android platform, Android Apps, Backend APIs, and Cloud services
- Research & and conduct adversary simulation for known security threats and identify novel attack vectors to test a system’s relative security readiness
- Conduct Threat modelling, Threat Intelligence and scoping with stakeholders
- Assist in creating and maintaining internal penetration testing and practice within QA team, managing vulnerabilities and tracking until closure
- Build Test harness & required Automation suites and validate attack vectors in Threat Lab
- Co-ordinate with program management, security architects at Internal & offshore sites
- Stays up to date on current tools, technologies, and vulnerabilities to incorporate into testing practices
- Research and developing exploits for zero-day vulnerabilities
- Conduct penetration test on IOT and Firmware Devices
- Plan, scope and conduct vulnerability assessment/ Penetration test on internal / external facing public assets such as Web application, Android platform, Android Apps, Backend APIs, and Cloud services
- Research & and conduct adversary simulation for known security threats and identify novel attack vectors to test a system’s relative security readiness
- Conduct Threat modelling, Threat Intelligence and scoping with stakeholders
- Assist in creating and maintaining internal penetration testing and practice within QA team, managing vulnerabilities and tracking until closure
- Build Test harness & required Automation suites and validate attack vectors in Threat Lab
- Co-ordinate with program management, security architects at Internal & offshore sites
- Stays up to date on current tools, technologies, and vulnerabilities to incorporate into testing practices
- Research and developing exploits for zero-day vulnerabilities
- Conduct penetration test on IOT and Firmware Devices
iOS Application Security Engineer*
A Cybersecurity Testing & Consulting Firm
$125,000 - $175,000 a year
Required Qualifications & Skills
- Bachelor’s degree in Computer Science, Information Security, or a related field, or 5+ years in mobile application development
- Extensive experience in iOS application development using Swift/Objective-C
- In-depth knowledge of mobile security vulnerabilities (OWASP Mobile Top 10) and remediation techniques
- Proficiency in iOS frameworks (UIKit, Core Data) and Android frameworks
- Familiarity with mobile security testing tools (e.g., MobSF, Drozer, Burp Suite, OWASP ZAP)
- Strong understanding of cryptography principles, secure data storage, and key management
Preferred Qualifications:
- Relevant security certifications
- Experience with mobile reverse engineering tools such as Frida
- Knowledge of App Store and Google Play Store compliance requirements
- Familiarity with advanced encryption techniques and secure app distribution
Key Responsibilities
- Secure Code Development (iOS & Android)
- Security Architecture & Threat Modeling
- Code Reviews & Security Auditing
- Mobile Vulnerability Management
- Penetration Testing & Threat Analysis
- Secure Data Handling & API Security
- Policy Development & Compliance
- Collaboration & Incident Response
iOS Engineer - Product Security*
A Tech Giant Company
$143,100 - $264,200 a year
Required Qualifications & Skills
- 2+ years of iOS app development experience in Swift and/or Objective-C
- Experience and/or strong interest in security/secure programming, digital signatures and PKI
- User interface programming experience with SwiftUI and/or UIKit
- Understanding of computer science fundamentals
- Able to thrive in a reciprocal environment and clearly communicate across teams
Preferred Qualifications:
- Self-motivated, critical, and detail oriented
- Strong debugging and analytical skills
- Familiar with the ISO 18013-5 standard is a plus
- Experience developing software with any of the following frameworks is a plus: ID Verifier API , Verify with Wallet API
- BS or MS in Computer Science, related technical field or equivalent experience