Senior Android Security Researcher

Android Security Researcher (Advanced Mobile Exploitation & Defense)

Company: YAL

Location:

Hyderabad, India

Employment Type:

Full-time

Salary:
Competitive

About YAL

YAL is building a secure communication and discovery platform focused on protecting users in environments exposed to advanced mobile threats, targeted exploitation, malware, spyware, and surveillance-grade attacks.

Security at YAL is a core engineering discipline, not an afterthought. We are forming a high-caliber mobile security research team to identify, simulate, and defend against real-world Android attack techniques used by sophisticated adversaries.

Role Overview

As an Android Security Researcher, you will conduct deep offensive and defensive mobile security research, focusing on Android applications, runtime behavior, and advanced exploitation patterns relevant to secure communication and discovery use cases.

This role is intended for researchers who understand how modern mobile exploits work at both application and system levels, and who can translate that understanding into strong defensive architecture.

What You Will DoOffensive Security & Exploit Research

- Reverse engineer Android applications (APK, DEX, native .so)
- Identify and exploit:
- Authentication and authorization flaws (IDOR, logic errors)
- Exported activities, services, and broadcast receivers
- Intent injection and IPC misuse
- Web View vulnerabilities and unsafe JavaScript bridges
- Perform runtime analysis and manipulation using:
- Frida, Objection, Xposed, Magisk
- Research advanced client-side attack surfaces affecting communication and discovery flows, including:
- Media parsing and file-handling vulnerabilities
- Message, notification, and call-triggered attack paths
- Multi-stage exploit logic combining multiple weaknesses
- Analyze real-world Android malware, spyware, and targeted attack techniques

Advanced Threat & Pegasus-Class Awareness

You are expected to understand and reason about attack patterns associated with surveillance-grade mobile exploitation, such as:

- Zero-interaction or minimal-interaction attack vectors
- Exploitation through media processing, message handling, or call setup logic
- Abuse of trusted native libraries and client-side components
- Post-compromise techniques including persistence, evasion, and stealth
- Bypassing runtime inspection and application-level security controls

This role focuses on defensive understanding and mitigation of these attack classes, not offensive spyware development.
Defensive Engineering & Hardening

- Design protections against:
- Runtime hooking and instrumentation frameworks
- Tampered or repackaged APKs
- Credential, token, and cryptographic key extraction
- Build and validate:
- Runtime integrity verification mechanisms
- Anti-tampering and anti-debugging strategies
- Secure:
- Local storage and encrypted databases
- Cryptographic key usage via Android Keystore
- Media, file, and discovery-related data processing pipelines
- Assess and secure on-device ML / TFLite models against extraction and manipulation
- Work closely with Android engineers to deliver secure-by-design implementations

Android Platform Knowledge

- Android sandbox, permission model, and process isolation
- AOSP fundamentals, Binder IPC, and SELinux
- Android signing schemes (v2 / v3 / v4)
- Native/JNI basics and ARM
64 familiarity
- Understanding of Android system services and app–system interaction

Tools & Skills

- JADX, APKTool, MobSF
- Frida, Objection, Drozer
- ADB, logcat, strace
- Burp Suite / Charles Proxy
- Ghidra or IDA Pro for native analysis
- Rooted devices, emulators, and controlled test environments

Strongly

Preferred Qualifications

We highly value candidates with proven high-impact security research experience, including:

- Top 100 rankings on competitive platforms such as:
- Hacker One
- Bugcrowd
- Synack Red Team
- Intigriti
- Public vulnerability disclosures in Android or mobile applications
- CVEs, high-severity bug bounty reports, or advanced technical writeups
- Experience researching security-sensitive or large-scale mobile platforms

Exceptional researchers without public rankings are encouraged to apply if their technical depth is strong. Nice to Have

- Mobile CTF background (Android, reversing, exploitation)
- Experience analyzing VoIP, media parsers, or native libraries
- Research exposure to advanced mobile malware or targeted attacks
- Blogs, talks, or open-source contributions in mobile security

What This Role Is Not

- Not a compliance or policy-only role
- Not limited to automated scanning or checklist security
- Not a junior or entry-level application security position

This role is for researchers who understand real-world attack behavior and design defenses accordingly.

Interview Process

- Practical Android reversing challenge
- Runtime analysis or exploitation reasoning exercise
- Secure design discussion focused on advanced mobile threat models
- No algorithm puzzles or theory-only interviews