Android Security Researcher
About The Position
Cellebrite’s (Nasdaq: CLBT) mission is to enable its customers to protect and save lives, accelerate justice, and preserve privacy in communities around the world. Cellebrite is a global leader in Digital Intelligence solutions for the public and private sectors, empowering organizations to master the complexities of legally sanctioned digital investigations by streamlining intelligence processes. Trusted by thousands of leading agencies and companies in more than 140 countries, Cellebrite’s Digital Intelligence platform and solutions transform how customers collect, review, analyze and manage data in legally sanctioned investigations.
What is your mission?
As a talented researcher you will be join the industry’s leading digital intelligence Security Research Labs group. In this position you will be taking part and leading new projects in little-explored vulnerability research territories, producing world-unique capabilities to extract evidence from phones and other embedded devices. Recent phones (from burner phones to the latest flagships) are increasingly challenging from a forensics perspective, and involve hardware-backed encryption (FDE/FBE), secure boot chains (Verified Boot/dm-verity), evolving hardened SELinux policies, as well as adventures in ARM TrustZone secure worlds.
What you’ll love about your mission?
You will joining Cellebrite’s digital intelligence Security Research Labs Group and be a part of a team of passionate researchers, dedicated to solving modern digital intelligence challenges, years ahead of others in the industry. Our world-class research results assist law enforcement by enabling lawful evidence extraction, putting criminals behind bars, every day.
The superpowers we are looking for:
You are a security researcher who cares about the ethical use case for his/her work, and if the art of engineering and crafting a platform-wide native payload in a fragmented ecosystem of gaping variance is the kind of challenge you appreciate, you belong with us. We need your help to make the world a safer place.
- Practical experience performing vulnerability research and exploitation, preferably in mobile or other modern environments, eg. Windows/Linux/iOS/MacOS
- Practical reverse engineering experience, preferably in ARM / TrustZone / Hypervisors
- Advantage: Cryptographic primitives and weaknesses
- Advantage: Advanced fuzzing
- Advantage: Offensive hardware research/board design
- Advantage: Experience dealing with modern memory corruption mitigations, such as PAC and MTE.
*Office located in Tel-Aviv