Malware Reverse Engineer Jobs in California (NOW HIRING)

As part of the Knox Security team, security research engineers identify and solve difficult security challenges involving Samsung's mobile and enterprise laptop products. Team members are typically expert in one or more specialties, and can expect to learn more about other areas from exposure to the rest. Broad areas of work include researching and architecting hardware-based and software security mechanisms, performing vulnerability assessments, analyzing reported exploits and suggesting ways to strengthen security, and developing automated tools for security analysis of code and binaries. This is an R&D position, and research publications in academic conferences and patents are encouraged.

Technical Keywords: Secure design and architecture, cryptography, malware, access control, exploitation, vulnerability assessment, reverse engineering, static and dynamic analysis, fuzz testing, emulation, security research, UEFI/BIOS, TPM, ARM TrustZone, hypervisor

• Propose client security features at various layers of the stack for Samsung's smartphones and PCs (hardware-based, UEFI/BIOS, ARM TrustZone, hypervisor, Linux/Windows/Android) to achieve enterprise-level PC/smartphone security and work with product management teams to refine proposals
• Design and architect security features using hardware security features, access control, cryptography, and secure protocol design.
• Provide expert security guidance to global development teams and ensure security requirements are met through the development process
• Review existing feature designs and propose enhancements to secure them further
• Perform security assessments of various layers of the software stack
• Use existing tools and develop new tools for automated vulnerability assessment as required
• Keep up-to-date with latest attacks, analyze exploits from any reported incidents, and provide expert security guidance to global development teams to ensure proper fixes for security issues
• Research and innovate security through academic publications in top security and systems conferences and patents

• Undergraduate degree in technical field (e.g., Engineering or Computer Science) or equivalent practical experience
• Demonstrable experience with computer security issues, as demonstrated by:
  • Conference papers or talks
  • Academic or industry experience
  • Vulnerability disclosures, such as CVEs
  • Tools developed to analyze computer programs
• A sense of humor!

Typically requires 10+ years of related experience in a professional role with a Bachelor's degree; or 8+ years with a Master's degree; or 5+ years with a PhD; or equivalent experience. Experience as a tech lead or a security architect for big projects and previous research experience with computer security are a plus. Professional or practical experience in one or more of the following areas:

• Ability to securely design and architect features with an understanding of threat and trust models, cryptography, access control, and secure protocol design
• PC/Windows/Client Security: An overall understanding of the Windows/PC/Client hardware and software stack, with deeper technical knowledge of in one or more of the following areas:
  • Windows OS, security threats (malware, ransomware, rootkits) and defenses
  • Hardware technologies such as Client VT-x, TXT, and CSME, TPM
  • UEFI/BIOS, secure boot, system management mode, hypervisor-based security using Hyper-V or nested hypervisors
• Android/Linux/Firmware Security: A holistic understanding of the Android/Linux/ARM smartphone hardware and software stack, with deeper technical knowledge in of one or more of the following:
  • Android framework security and internals, SELinux/SEAndroid
  • Linux kernel, drivers, bootloaders, ARM TrustZone, hypervisors
• Vulnerability Assessment and Tooling: Knowledge of exploitation techniques, mitigations, and
  • Buffer overflows, return-oriented programming, heap spraying, ASLR, access control
  • Experience using security assessment techniques such as fuzz testing, reverse engineering, static and dynamic analysis, symbolic execution, emulation
  • Ability to use a programming language of choice to write proof-of-concept exploits, patches, and develop new tools for automated testing
• Boundless optimism!