Mobile Malware Engineer

Peraton is hiring a Mobile Malware Engineer to analyze, reverse engineer, and characterize malicious software targeting Android and iOS platforms in support of a federal government customer. Using expertise in malware reverse engineering and analysis, the engineer will evaluate complex malicious code through tools including disassemblers, debuggers, hex editors, unpackers, virtual machines, and network sniffers. The engineer will investigate instances of malicious code to determine attack vectors, payloads, and the extent of damage and data exfiltration - delivering actionable intelligence products that directly support national security missions.

Core responsibilities include:

Perform static and dynamic analysis of mobile malware on Android and iOS platforms.
• Reverse engineer ARM/ARM64 binaries; unpack APK/IPA files, bypass runtime protections, and conduct reverse engineering of known and suspected malware files.
• Identify C2 infrastructure, persistence mechanisms, and indicators of compromise (IOCs); investigate attack vectors, payloads, and the extent of data exfiltration.
• Identify vulnerabilities in binaries, analyze shellcode, and recommend preventative or defensive actions.
• Develop custom tooling, automation scripts, and YARA detection signatures; build network and host-based signatures and recommend heuristic or anomaly-based detection methods.
• Produce technical reports with MITRE ATT&CK for Mobile mappings, remediation recommendations, and detailed documentation of malware behavior and command-and-control infrastructure.
• Perform ongoing research into malicious software, emerging vulnerabilities, and exploitation tactics to stay ahead of evolving threats.
• Collaborate with forensics, vulnerability research, and cyber operations teams.

*This position requires full-time, onsite attendance Monday through Friday in the Baltimore metropolitan area.

REQUIRED QUALIFICATIONS

• Bachelor's + 8 yrs experience, or Master's + 6 yrs experience. A degree in Cybersecurity, Computer Science, Software Engineering, Information Technology, Information Systems, or related field is highly desired. However, an additional four years of experience may be considered in lieu if a Bachelor's degree.
• Proficiency in ARM/ARM64 assembly and low-level binary analysis.
• Strong knowledge of Android and iOS internals (APK/IPA structure, ART runtime, Mach-O binaries)
• Hands-on experience with: Ghidra, IDA Pro, Jadx, Frida, MobSF, Corellium.
• Scripting in Python; familiarity with Java, Kotlin, or Swift.
• Active Top Secret with SCI eligibility clearance required.

DESIRED QUALIFICATIONS:

• Experience with CNO toolchains or offensive mobile capability development.
• Familiarity with nation-state APT campaigns targeting mobile endpoints.
• Knowledge of MDM/EMM environments and mobile forensics tools (Cellebrite, Oxygen Forensic).
• Published research, CVEs, or open-source contributions in mobile security.

Preferred Certifications: GREM, GMOB, eMAPT, OSED, OSCP, CISSP, or CompTIA SecurityX.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.