Offensive Android Kernel Security, Specialist

Offensive Android Kernel Security, Specialist

A global device company is seeking an Android Kernel Security Researcher to join its Penetration Testing team. This role is highly specialized, focusing on offensive security research, penetration testing, and vulnerability assessment at the Android kernel level. The ideal candidate will have deep expertise in Android kernel security, reverse engineering, and exploit development to identify, analyze, and mitigate security threats.
Responsibilities:

• Conduct in-depth security research on Android kernel vendor modules to identify emerging vulnerabilities.
• Analyze the latest attack vectors, exploitation techniques, and evolving security threats affecting the Android ecosystem.
• Perform reverse engineering on Android system components, identifying weaknesses in kernel security mechanisms.
• Conduct offensive security testing on Android OS components, including:
  • Trusted Execution Environment (TEE)
  • Bootloader security
  • Kernel-level protections
• Develop Proof-of-Concept (PoC) exploits, including zero-day (0-day) and one-day (1-day) attacks, to assess system vulnerabilities.
• Use fuzzing techniques and security testing frameworks to stress-test Android kernel components.
• Utilize reverse engineering tools (e.g., IDA Pro, Ghidra) to decompile and analyze Android binaries.
• Debug and analyze kernel internals to identify privilege escalation paths and potential exploits.
• Perform code and binary audits to uncover previously unidentified security flaws.
• Document security research findings, vulnerabilities, and penetration testing results in a clear and concise manner.
• Present security analysis, including exploit methodologies and mitigation recommendations, to executive teams and security stakeholders.
• Contribute to CVE reporting and security advisories, helping improve Android kernel security.

Required Skillset:

• 3+ years of experience in Android system-level penetration testing, with a strong focus on Android kernel security.
• Hands-on experience with Android kernel-level programming and kernel debugging tools.
• Reverse engineering expertise, using tools such as IDA Pro, Ghidra, and experience in binary analysis and decompiling.
• Strong understanding of Linux/Android kernel internals, access controls, and security mechanisms.
• Proficiency in penetration testing methodologies and fuzzing tools to identify kernel vulnerabilities.
• Prior experience in developing and executing exploits targeting Android kernel security protections.
• Strong communication skills, with the ability to document findings and present security research to executives.
• Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field.

Bonus Skillset:

• Security certifications in OSCE, OSCP, OSEE, or equivalent industry-recognized offensive security certifications.
• Experience in presenting security research at conferences such as Black Hat, DEF CON, or security symposiums.
• Experience in publishing CVEs or contributing to Android security vulnerability research.
• Additional experience in exploit development, vulnerability research, and red teaming methodologies.

Type: Contract
Duration: 12 months to start
Schedule: Onsite (5 days/week)
Pay Rate: $55 - $71.50/hr