Senior Security Researcher

Summary

Join Jamf as a Security Researcher in Tel Aviv, Israel, and play a critical role in advancing mobile security research. You will conduct in-depth analysis of iOS security mechanisms, perform vulnerability assessments, analyze attack vectors, and utilize reverse engineering techniques. The role requires extensive experience in iOS security, vulnerability assessment, and reverse engineering. This position offers the opportunity to contribute to the development of innovative security solutions and collaborate with cross-functional teams. While based in Tel Aviv, Jamf offers remote, in-office, and hybrid work options. Jamf is committed to creating an inclusive and supportive work environment.

Requirements

• Minimum of 5 years of experience in relevant field
• Minimum of 4+ years of experience in vulnerability assessment of iOS applications (e.g., MITRE, OWASP Mobile Security Testing Guide, Burp Suite)
• Minimum of 5 years of experience in Reverse Engineering (e.g., IDA Pro, Hopper, ghidra)
• Understanding of potential attack vectors and post-exploit scenarios
• Understanding of iOS security mechanisms (secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection)
• Knowledge of iOS Privilege Escalation techniques
• Fluent English - Writing & speaking

Responsibilities

• Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem
• Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies
• Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively
• Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses
• Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks
• Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments
• Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations
• Collaborate closely with cross-functional teams, including fellow researchers, software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions
• Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team

Preferred Qualifications

Product development capabilities

Benefits

Remote, in-office, and hybrid roles