Android Security Researcher

Description

Company Overview:

 Cellebrite’s (Nasdaq: CLBT) mission is to enable its global customers to protect and save lives by enhancing digital investigations and intelligence gathering to accelerate justice in communities around the world. Cellebrite’s AI-powered Digital Investigation Platform enables customers to lawfully access, collect, analyze and share digital evidence in legally sanctioned investigations while preserving data privacy. Thousands of public safety organizations, intelligence agencies and businesses rely on Cellebrite’s digital forensic and investigative solutions—available via cloud, on-premises and hybrid deployments—to close cases faster and safeguard communities. To learn more, visit us at www.cellebrite.com, https://investors.cellebrite.com/investors and find us on social media @Cellebrite. 

Position Overview:

As a talented researcher, you will be joining the industry’s leading digital intelligence Security Research Labs group. In this position you will be taking part and leading new projects in little-explored vulnerability research territories, producing world-unique capabilities to extract evidence from phones and other embedded devices. Recent phones (from burner phones to the latest flagships) are increasingly challenging from a forensics perspective, and involve hardware-backed encryption (FDE/FBE), secure boot chains (Verified Boot/dm-verity), evolving hardened SELinux policies, as well as adventures in ARM TrustZone secure worlds.

Key Responsibilities:

You will join Cellebrite’s digital intelligence Security Research Labs Group and be a part of a team of passionate researchers, dedicated to solving modern digital intelligence challenges, years ahead of others in the industry. Our world-class research results assist law enforcement by enabling lawful evidence extraction, and putting criminals behind bars, every day.

You are a security researcher who cares about the ethical use case for his/her work, and if the art of engineering and crafting a platform-wide native payload in a fragmented ecosystem of gaping variance is the kind of challenge you appreciate, you belong with us. We need your help to make the world a safer place.

Qualifications:

• Practical experience performing vulnerability research and exploitation, preferably in mobile or other modern environments, eg. Windows/Linux/iOS/MacOS
• Practical reverse engineering experience, preferably in ARM / TrustZone / Hypervisors
• Advantage: Cryptographic primitives and weaknesses
• Advantage: Advanced fuzzing
• Advantage: Offensive hardware research/board design
• Advantage: Experience dealing with modern memory corruption mitigations, such as PAC and MTE.

#LI-CA1