Android Malware Analyst (RARR Job 5530)

For International Trade And Development Company
3 - 10 Years
Full Time
Immediate
Up to 30 LPA
1 Position(s)
Bangalore / Bengaluru, Chennai, Coimbatore, Hyderabad, Kochi, Kolkata, Mumbai, Nagpur, Noida, Pune
Posted 9 Days Ago

Job Description

Key Responsibilities

  • Conduct static and dynamic analysis of potentially malicious Android applications (APKs, SDKs).

  • Perform reverse engineering (DEX, native libs) to uncover malicious techniques.

  • Identify and analyze spyware, trojans, rootkits, and other Android malware.

  • Analyze network traffic to detect indicators of C2 activity or data exfiltration.

  • Prepare clear technical reports and executive summaries for both technical and non-technical stakeholders.

  • Support client communications by presenting findings and providing remediation guidance.

  • Mentor or guide junior analysts as needed.

Minimum Qualifications

  • Bachelor’s degree in CS, Cybersecurity, or related technical field (or equivalent hands-on experience).

  • 2–3+ years in malware analysis, reverse engineering, or application/mobile security.

  • Hands-on experience in static/dynamic/behavioral analysis of Android applications.

  • Good programming background — Java, Kotlin, JavaScript, Flutter (any 2+ required).

  • Familiarity with Android internals (app lifecycle, permissions, DEX structure).

  • Knowledge of network traffic analysis (protocols, interception, Wireshark/Burp).

  • Awareness of PHA categories, IOCs, and mobile security best practices.

Good to Have

  • Experience with reverse engineering tools: Ghidra, IDA Pro, Frida, JADX, APKTool.

  • Ability to develop detection signatures (YARA rules, Sigma, Suricata/Snort).

  • Exposure to automation of malware analysis workflows or threat detection pipelines.

  • Scripting skills (Python, Bash) to create custom tooling and improve efficiency.

  • Knowledge of DevSecOps concepts (secure SDLC, CI/CD security checks).

Tools & Frameworks

  • Reverse Engineering: Ghidra, IDA Pro, Frida, JADX

  • Network & Proxy: Burp Suite, HTTP Toolkit, Wireshark

  • Threat Intel: VirusTotal, MITRE ATT&CK, ExploitDB

  • Dev & Debug: Android Studio, ADB

  • Scripting: Python, Bash, JavaScript