Mobile Malware Engineer

Peraton is hiring a Mobile Malware Engineer to analyze, reverse engineer, and characterize malicious software targeting Android and iOS platforms in support of a federal government customer. Using expertise in malware reverse engineering and analysis, the engineer will evaluate complex malicious code through tools including disassemblers, debuggers, hex editors, unpackers, virtual machines, and network sniffers. The engineer will investigate instances of malicious code to determine attack vectors, payloads, and the extent of damage and data exfiltration — delivering actionable intelligence products that directly support national security missions.

Core responsibilities include:

• Perform static and dynamic analysis of mobile malware on Android and iOS platforms.
• Reverse engineer ARM/ARM64 binaries; unpack APK/IPA files, bypass runtime protections, and conduct reverse engineering of known and suspected malware files.
• Identify C2 infrastructure, persistence mechanisms, and indicators of compromise (IOCs); investigate attack vectors, payloads, and the extent of data exfiltration.
• Identify vulnerabilities in binaries, analyze shellcode, and recommend preventative or defensive actions.
• Develop custom tooling, automation scripts, and YARA detection signatures; build network and host-based signatures and recommend heuristic or anomaly-based detection methods.
• Produce technical reports with MITRE ATT&CK for Mobile mappings, remediation recommendations, and detailed documentation of malware behavior and command-and-control infrastructure.
• Perform ongoing research into malicious software, emerging vulnerabilities, and exploitation tactics to stay ahead of evolving threats.
• Collaborate with forensics, vulnerability research, and cyber operations teams.

*This position requires full-time, onsite attendance Monday through Friday in the Baltimore metropolitan area.

REQUIRED QUALIFICATIONS

• Bachelor's + 8 yrs experience, or Master's + 6 yrs experience. A degree in Cybersecurity, Computer Science, Software Engineering, Information Technology, Information Systems, or related field is highly desired. However, an additional four years of experience may be considered in lieu if a Bachelor's degree.
• Proficiency in ARM/ARM64 assembly and low-level binary analysis.
• Strong knowledge of Android and iOS internals (APK/IPA structure, ART runtime, Mach-O binaries)
• Hands-on experience with: Ghidra, IDA Pro, Jadx, Frida, MobSF, Corellium.
• Scripting in Python; familiarity with Java, Kotlin, or Swift.
• Active Top Secret with SCI eligibility clearance required.

DESIRED QUALIFICATIONS:

• Experience with CNO toolchains or offensive mobile capability development.
• Familiarity with nation-state APT campaigns targeting mobile endpoints.
• Knowledge of MDM/EMM environments and mobile forensics tools (Cellebrite, Oxygen Forensic).
• Published research, CVEs, or open-source contributions in mobile security.

Preferred Certifications:  GREM, GMOB, eMAPT, OSED, OSCP, CISSP, or CompTIA SecurityX.