Mobile Software Security Analyst

This job is no longer active. View similar jobs.

POST DATE 9/9/2016
END DATE 10/25/2016

UL San Luis Obispo, CA

Company
UL
Job Classification
Full Time
Company Ref #
2016-2739-1524
Location
San Luis Obispo, CA
Job Type
Regular
AJE Ref #
576127081

JOB DESCRIPTION

Overview:



Other companies make products. We make a difference! Click Here!



Promoting safe living and working environments.

UL is a global independent safety science company with more than a century of expertise innovating safety solutions from the public adoption of electricity to new breakthroughs in areas such as sustainability, renewable energy, mobile payment security and nanotechnology. Dedicated to promoting safe living and working environments, UL helps safeguard people, products and places in important ways, facilitates trade and provides peace of mind.

The Mobile Software Security Analyst is responsible for developing and maintaining the internal expertise in mobile software and more particularly in the security of systems and applications executed on mobile devices.



This will include the analysis of Android and iOS applications embedded in mobile like products under evaluation, the development and the realization of high level penetration tests, and the support and the training of engineers for evaluation projects like HCE (Host Card based Emulation) products as used in Payment mobile solutions.



The position includes the representation of the company in industry forums and the management of complex projects. The Mobile Software Security Analyst should have a flexible and an innovative approach.



Perform security evaluation tasks, it may include:



* Perform code review in customer offices or UL premises to analyze the evaluated product.Leader.

* Once the vulnerability analysis is done the engineer defines the test plan with the project

* Perform software penetration testing to evaluate the HCE like or other mobile solutions with regards to reverse engineering (static and dynamic) and protocol attacks.

* Projects report writing in compliance with the laboratory and industry best practices rules.

* Contribute to the team R&D: attack tools development, new attack development, analysis tools.

* Security activities requires engineer to be at the state of the art, and more ... Research, development and the realization of innovative attacks on products under evaluation are task to be considered.





Responsibilities:



* A Master Degree in Computer Science with good skills in mobile environment systems and applications (Android, iOS, Windows).

* Deep knowledge in Android development, in related tools and development languages (Java, C, C++, Assembly), in Linux environment and Linux security.

* Knowledge in reverse engineering on binaries and applications and reverse engineering tools.

* Knowledge of mobile devices microcontroller architectures including TEE (Trusted Executions Environment) would be highly appreciated.

* Knowledge on security countermeasures on software developments: obfuscations and de- obfuscation, white box cryptography and related attacks.





Qualifications:



* High analytical skills





* Ability to work independently, to be innovative and creative





* Ability to communicate with clarity and efficiency.





* Will be able to demonstrate aptitude and a strong potential to learn quickly





* Enjoys working in a team and has the ability to engage their colleagues





* Good English level