As an Android Security Engineer, you will play a critical role in safeguarding the integrity of Android device lock mechanisms by proactively identifying and mitigating vulnerabilities that could be exploited to bypass security controls. You will work at the intersection of quality assurance and offensive security research, conducting in-depth analysis of Android's authentication systems, bootloader protections, and factory reset safeguards across multiple device manufacturers and OS versions. Your efforts will directly contribute to improving the resilience of device security against both known and emerging bypass techniques, ensuring user data remains protected. You will collaborate closely with engineering teams to validate fixes, provide actionable insights from exploitation research, and help shape long-term security strategies. This role demands a deep understanding of Android internals, a methodical testing approach, and a relentless curiosity about how systems can be subverted and strengthened.
Responsibilities
- Systematically evaluate the device lock system across a wide range of Android devices and OS versions after every over-the-air update.
- Perform regular security testing following any changes to the lock technology to ensure continued resilience.
- Research, obtain, and apply current and emerging tools and methods—including factory resets, bootloader exploits, ADB manipulation, custom ROM flashing, and FRP bypass techniques—to simulate real-world lock circumvention attempts.
- Design and maintain detailed test plans, cases, and scenarios focused on detecting weaknesses in anti-tampering and lock enforcement features.
- Simulate diverse attack paths and user behaviors that could compromise the lock mechanism.
- Record all testing procedures, findings, vulnerabilities, and reproduction steps clearly and accurately using the bug tracking system.
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
- Minimum of three years in Quality Assurance, with one to two years dedicated to Android mobile testing and hands-on experience attempting to bypass software locks or security controls.
- Solid knowledge of Android OS architecture, including bootloader, recovery mode, ADB, fastboot, system partitions, and built-in security mechanisms.
- Familiarity with common rooting methods, custom ROMs like LineageOS, and modification tools such as Magisk and Xposed Framework to understand potential attack vectors.
- Proficiency with Android debugging tools including Android Studio, Logcat, and network analysis tools like Wireshark or tcpdump when necessary.
Tech Stack
Android OS, ADB (Android Debug Bridge), fastboot, Logcat, Wireshark, tcpdump, JIRA, Magisk, Xposed Framework, LineageOS, custom ROMs, FRP bypass tools, rooting tools
Benefits
- Fully company-funded private health insurance for employee and immediate family members.
- 20 days of vacation and unlimited sick leave.
- Annual $2,000 USD co-working travel allowance.
- Annual $2,000 USD professional development benefit.
- Finance for the next billion
- Ownership
- Break Through Walls
- Live Communication
- Transparency & Directness
- Focus on Scale
- Work-Life Balance
- Embrace Diversity
- Speed
- Active Listening
Additional Information
- This role supports equal employment opportunity and encourages applicants from all backgrounds to apply.
- Prohibited grounds for discrimination include race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, veteran status, disability status, or other legally protected characteristics.
