Specialist, Offensive Android Security Specialist - Red Team

Lab Summary: 

Samsung Knox™ (https://www.samsungknox.com/) is Samsung’s guarantee of security, and a secure device gives you the freedom to work and play how, where, and when you want. Samsung Knox consists of a highly secure platform built into a variety of Samsung devices, including Samsung’s mobile phones and laptop computers.

Come join the Samsung KNOX team and help us define and develop the future core technologies for Samsung devices and services!

Position Summary:

We are seeking an Offensive Android System Security Specialist to join our cutting-edge Red Team. In this role, you will focus on identifying and mitigating security threats to Android’s kernel, device drivers (NPU, GPU, etc.), and low-level/high-privilege systems including Bootloader, Secure OS(a.k.a TEEGRIS) and Knox Vault. Your contributions will include leading research efforts, developing innovative tools, and ensuring the security of critical systems.

Position Responsibilities:

• Identify trends in kernel and device driver attacks and conduct in-depth research on emerging threats
• Conduct reverse engineering and Secure OS architecture analysis
• Develop automated vulnerability discovery and analysis tools, such as fuzzing tools
• Perform penetration testing on OS components, including TEE, bootloader, and kernel
• Research and test the latest exploit trends, developing Proof of Concept attacks and advanced exploits (0-day, 1-day)
• Conduct in-depth root cause analysis to understand and mitigate system vulnerabilities

Required Skills:

• Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent combination of education training and experience
• 5 years of experience in system-level penetration testing and vulnerability research
• Proficiency in tools for kernel debugging, fuzzing, and penetration testing
• Experience with reverse engineering tools (g. IDA Pro & Ghidra), debugging tools (e.g., JTAG/SWD)
• Strong knowledge of low-level programming languages such as C and Assembly

 Special Attributes:

• Certifications: OSCE, OSCP, OSEE, or equivalent
• Demonstrated experience with Android and kernel penetration testing
• Practical experience with exploit mitigation bypass techniques
• Strong communication skills and experience presenting findings at security conferences