Zimperium

Detection Researcher, iOS Focused

Zimperium

full-time

Posted on:

Location Type: Remote

Location: Spain

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AssemblyiOSObjective-CPythonSwift

About the role

  • Research and analyze advanced detection bypass techniques (e.g., jailbreaking, hooking, and runtime application/system tampering) to assess threats to our detection systems.
  • Evaluate and reverse-engineer tools and frameworks used to attack or evade our products, documenting findings and attack vectors.
  • Lead and participate in structured brainstorming sessions to generate novel detection ideas and countermeasures.
  • Design, prototype, and implement new detection techniques and algorithms for the iOS platform.
  • Develop, maintain, and improve internal tooling and automation to accelerate analysis, triage, and detection development.
  • Review and interpret forensic data provided by customers, produce clear technical reports, and provide actionable guidance and remediation support.
  • Perform and contribute to internal penetration testing and adversary emulation of newly introduced security features to validate effectiveness.
  • Write and publish technical blog posts to raise awareness of emerging security risks and share insights with customers and the wider security community.

Requirements

  • Proven ability to collaborate effectively within a team environment, including forming and leading focused sub-groups to deliver specific project features or research objectives.
  • Strong knowledge of iOS operating system internals (e.g., sandboxing, code-signing), with a particular focus on runtime application security mechanisms and techniques for detecting system tampering and device compromise.
  • Proficiency in reverse engineering using tools such as IDA Pro, Ghidra, Hopper, or equivalent, including experience writing scripts, leveraging their SDKs, and isolating and reporting technical issues.
  • Demonstrated ability to think both offensively and defensively, approaching analysis tasks with the mindset of both an attacker and a defender.
  • Solid programming experience in C, Python, Objective-C and Swift, with the ability to produce efficient, maintainable, and secure code.
  • Good understanding of ARM64 assembly to develop really task specific and time critical functions.
  • Experience in data analysis methods applied to the forensics investigations is considered a plus.
  • Proficiency with debugging and dynamic binary instrumentation tools (e.g., LLDB, Frida, Objection, QBDI).
  • Capability to reverse engineer proprietary protocols and interprocess communication mechanisms (e.g., XPC, mach messages, IOKit).
  • Practical knowledge of jailbreak methods and iOS exploit classes (e.g., kernel exploits, sandbox escapes, code-signing bypasses), ideally experience in analyzing such exploits or exploit chains is a big plus.
Benefits
  • Zimperium is an Equal Opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected veteran status, or any other characteristic protected by applicable federal, state, or local law.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
reverse engineeringiOS operating system internalsruntime application securityprogramming in Cprogramming in Pythonprogramming in Objective-Cprogramming in Swiftdata analysis methodsARM64 assemblyjailbreak methods
Soft Skills
collaborationleadershipanalytical thinkingproblem-solvingcommunication