At our company, we believe in an open, flexible culture based on respect and trust. Our track record and thriving work environment all stem from the freedom we grant ourselves to get the job done right. We unite around common goals while respecting personal approaches, believing that fulfilled individuals create a thriving, vibrant workplace. We take pride in helping tens of thousands of customers around the globe succeed with Apple.
we offer remote, in-office, and hybrid roles. Work-life balance remains our priority while feeling connected is important to maintain our strong culture, achieve our goals, and thrive.
This role is based in Tel Aviv, Israel. We are only able to accept applications for those based in Israel or have sponsorship to live and work in Israel.What you'll do:
At our company, we empower people to be their best selves and do their best work. Security Researcher plays a critical role in advancing we mobile security research efforts. This role is responsible for investigating and analyzing security vulnerabilities, developing cutting-edge techniques for mobile device forensics, and contributing to the development of innovative solutions that protect our clients' mobile ecosystems and to publish security research. What you can expect to do in this role:
iOS Security Analysis: Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem.
Vulnerability Assessment: Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies.
Attack Vector Analysis: Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively.
Reverse Engineering: Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses.
Privilege Escalation Research: Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks.
Development Contributions: While not mandatory, the ability to develop security-related tools, scripts is an advantage. Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments.
Documentation and Reporting: Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations.
Collaboration: Collaborate closely with cross-functional teams, including fellow researchers,software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions.
Stay Current: Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team.
Requirements: What we are looking for:
Minimum of 5 years of experience in relevant field
Minimum of 4+ years of experience in vulnerability assessment of iOS applications (e.g., MITRE, OWASP Mobile Security Testing Guide, Burp Suite)
Minimum of 5 years of experience in Reverse Engineering (e.g., IDA Pro, Hopper, ghidra)
Understanding of potential attack vectors and post-exploit scenarios
Understanding
This position is open to all candidates.