Malware Campaign Researcher

We're seeking a Malware Campaign Researcher with proven reverse engineering expertise. If you're an analytical, code-focused professional eager to dissect malicious Android applications and transform your findings into robust detection capabilities, you'll find a critical role here.

Responsibilities: 

• The role involves conducting comprehensive reverse engineering of Android malware campaigns to uncover techniques and code patterns
• Using static and dynamic analysis techniques to identify campaign indicators
• Work closely with reverse engineers to transform technical findings into robust detection capabilities
• Analyze and document malware code structures, obfuscation techniques, and behavioral patterns across diverse Android campaign types
• Create and maintain malware signatures, detection rules, and automated analysis tools based on reverse engineering findings
• Develop comprehensive signature databases and detection systems to identify Android malware campaigns at scale
• Coordinate campaign validation processes in collaboration with research team members

Must Have

• At least 3 years of proven experience in reverse engineering and malware analysis
• At least 2 years of hands-on experience with malware analysis across desktop or mobile platforms
• Strong programming skills with proficiency in reading and analyzing code across multiple languages
• Proven ability to perform static and dynamic analysis of applications using industry-standard tools
• Experience with application architecture, framework internals, and security mechanisms
• Strong technical documentation skills with the ability to explain complex code analysis findings
• Familiarity with malware obfuscation techniques and anti-analysis methods

Nice to Have

• Strong proficiency in Java and Object-Oriented Programming principles - significant advantage
• Experience with Android malware analysis and APK reverse engineering
• Experience with Android development using Java/Kotlin and Android Studio
• Hands-on experience with reverse engineering tools such as Ghidra, IDA Pro, or Radare2
• Proficiency with Android analysis frameworks like Frida, Xposed, or custom instrumentation
• Experience with YARA
• Experience with DEX bytecode analysis and Android runtime manipulation
• Knowledge of Android malware families and campaign attribution techniques
• Understanding of Android native code analysis (ARM assembly, JNI)
• Experience with malware detection tools and signature development

ActiveFence is the leading provider of security and safety solutions for online experiences, safeguarding more than 3 billion users, top foundation models, and the world’s largest enterprises and tech platforms every day. As a trusted ally to major technology firms and Fortune 500 brands that build user-generated and GenAI products, ActiveFence empowers security, AI, and policy teams with low-latency Real-Time Guardrails and a continuous Red Teaming program that pressure-tests systems with adversarial prompts and emerging threat techniques. Powered by deep threat intelligence, unmatched harmful-content detection, and coverage of 117+ languages, ActiveFence enables organizations to deliver engaging and trustworthy experiences at global scale while operating safely and responsibly across all threat landscapes.