Mobile Reverse Engineering Expert for security platform

Mobile Apps, Security Operations (SecOps)

Upper-Intermediate English

Senior

Israel UTC+02:00

Are you a talented developer looking for a remote job that lets you show your skills and get decent compensation? Join Upstaff.com, a platform that connects you with hand-picked startups and scale-ups in the US and Europe.

Summary

- Experience in reverse engineering native iOS and Android applications;
- Expertise in analyzing authentication, password reset, and account recovery flows;
- Skilled in static and dynamic analysis using tools such as Frida, JADX, IDA/Ghidra, Hopper, Burp, and mitmproxy;
- Understanding of network protocols, OTP flows, session handling, and app security controls;
- Ability to bypass anti-debugging and obfuscation mechanisms for analysis;
- Strong documentation and communication skills.

Required Skills

Reverse Engineering

Security

iOS

Android

Penetration testing

Nice to Have

React Native Authentication Flows Frida Jadx mitmproxy OTP API IDA Hopper Ghidra Burp Suite

ID: 500-113-883

Last Updated: 2025-11-25

Role Overview

As a Mobile Reverse Engineering Expert, you will analyze native iOS and Android applications-primarily from major social platforms, understand internal authentication workflows, security mechanisms, and possible abuse vectors. Your work will involve dissecting complex, undocumented logic, mapping critical flows, and producing clear technical documentation for internal teams. This role requires strong expertise in mobile security, reverse engineering tools, and traffic inspection techniques.

Responsibilities:

Reverse engineer APK/IPA files from top social network applications;
Analyze login, password reset, and account recovery flows to identify behavior and security controls;
Perform static and dynamic analysis using tools such as Frida, IDA/Ghidra, JADX, Hopper;
Intercept and inspect API calls, tokens, and network traffic;
Document findings through diagrams, flow descriptions, and technical reports;
Detect anti-debugging and obfuscation techniques and work around them where necessary.

Requirements:

Proven experience in reverse engineering for Android and iOS applications;
Strong knowledge of network protocols, authentication mechanisms, OTP flows, and session management;
Hands-on experience with RE and traffic interception tools (Frida, Burp, mitmproxy, JADX, IDA, Hopper, etc.);
Ability to understand and map complex and undocumented application logic;
Excellent analytical, documentation, and communication skills;
Experience with reversing mobile apps from major social platforms - a must.

Not your tech stack?

Join the Upstaff community and we are looking for the best project for you. Be ready for the next steps:

Create your profile on our website (import from LinkedIn)
20-30-minute screening call
Technical interview
Feedback
Project Selection (we are looking for the best project for you).

We work with developers from 50+ countries in different regions: Europe, LATAM, the U.S. (W-9 form owners), Canada, Asia (Philippines, Indonesia), Oceania (Australia, New Zealand, Papua New Guinea), and the the UK.

We don’t have a legal and ethical basis to accept applicants from the following countries: Russia, Belarus, Iran, North Korea
We do not provide visa assistance, and our cooperation model does not include the benefits typically offered with direct hire.