Detection Researcher (Coding Focused)

Zimperium® is the world leader in mobile security, purpose-built to protect the modern mobile enterprise. Trusted by leading organizations and governments, our AI-driven platform delivers real-time, on-device protection for mobile applications and devices. We help organizations stay ahead with proactive defense against evolving threats—including mobile-targeted phishing (mishing), malware, app vulnerabilities, and zero-day exploits. Our mission is to empower organizations to operate securely and confidently in today’s dynamic digital environment.Location: Worldwide with preference for candidates in EuropeZimperium® is an industry leader in enterprise mobile security, being the first and only company to provide a complete mobile threat defense system that offers real-time, on device world-class protection against both known and unknown next generation of advanced mobile cyberattacks and malware. Our MTD and award-winning machine learning-based engine protects against device, network, phishing and application attacks for IOS, Android and Windows devices, using a non-intrusive approach to always protect privacy of users.We are currently looking for a Detection Researcher. This role involves researching, developing, and maintaining advanced detection and analysis capabilities to counter complex tampering and evasion techniques. The successful candidate will design new tools, improve existing ones, perform thorough code reviews, and help define and uphold high coding standards across the team. Strong programming skills and a collaborative mindset are essential. Experience with the LLVM framework and knowledge of code obfuscation and de-obfuscation techniques are considered strong assets.

Key Responsibilities

• Research and analyze advanced detection bypass techniques (e.g., rooting, hooking, and runtime application/system tampering) to assess threats to our detection systems.
• Evaluate and reverse-engineer tools and frameworks used to attack or evade our products, documenting findings and attack vectors.
• Lead and participate in structured brainstorming sessions to generate novel detection ideas and countermeasures.
• Help design, prototype, and implement new detection techniques and algorithms for different operating systems.
• Help develop, maintain, and improve internal tooling and automation to accelerate analysis, triage, and detection development.
• Perform and contribute to internal penetration testing and adversary emulation of newly introduced security features to validate effectiveness.
• Conduct thorough code reviews and technical reviews of detection-related contributions to ensure quality, maintainability, and correctness.

Required Skills & Experience

• Proven ability to collaborate effectively within a team environment, including forming and leading focused sub-groups to deliver specific project features or research objectives.
• Proficiency in reverse engineering using tools such as IDA Pro, Ghidra, or equivalent, including experience writing scripts, leveraging their SDKs, and isolating and reporting technical issues.
• Solid programming experience in C, C++, Python and Java, with the ability to produce efficient, maintainable, and secure code.
• Good knowledge of the ELF and MachO file formats and a general good understanding on how to consult the official documentation.
• Familiarity with the LLVM framework is considered a plus.
• Knowledge of code obfuscation and de-obfuscation techniques, along with awareness of community tools and methodologies in this area, is a valuable asset.

Zimperium is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.

Originally posted on Himalayas