• Senior Mobile Security Analyst

    Location SG-Singapore | SG-Singapore
    Job ID
    2018-8613
    # of Openings
    1
    Job Category
    Software Development
  • Overview

     

    Other companies make products. We make a difference!  Click Here!

     

    Promoting safe living and working environments.

     

    UL Web Banner

     

    Underwriter’s Laboratories (UL) is a safety-science company that – for the past 100+ years – has had a strong focus on home and workplace safety. The new Identity Management and Security division of UL extends this safety mission from ‘safety in the physical world’ to ‘security in digital the digital world’. UL Identity Management and Security focusses on securing large, mission critical digital transaction infrastructures such as payment networks, ticketing infrastructures, and mobile commerce environments.

     

    The team in Singapore serves to offer certification services for (new) cards, terminals and hosts in the payment industry. Since this market is moving and growing rapidly – as a customer focused company – needs to constantly move along with and adapt to the market.

     

    Currently UL Identity Management and Security is hiring a Mobile Software Security for our office in Singapore. The successful candidate for this position will be responsible for developing and maintaining the internal expertise in mobile software and more particularly in the security of systems and applications executed on mobile devices.

    This will include the analysis of Android and iOS applications embedded in mobile like products under evaluation, the development and the realisation of high level penetration tests, and the support and the training of engineers for evaluation projects used in mobile solutions. The position includes the representation of the company in industry forums and the management of complex projects. The Mobile Software Security should have a flexible and an innovative approach.

    Globally, we have a big team of experts of which you will be part when you join UL Identity Management and Security in Singapore. You will be part of the Security Evaluations Service Line within the Identity Management and Security Division in UL. The people in this service line are widely spread around the world, which makes your work very international. The team in Singapore exists of about 30+ people with whom you will corporate very closely with our colleagues in Europe as well.

     

    Responsibilities

     

    Perform security evaluation tasks, it may include:-

    • Code review in customer offices or UL premises to analyse the evaluated product. Once the vulnerability analysis is done the engineer defines the test plan with the project leader.
    • Perform software penetration testing to evaluate mobile applications or TEE trustlets used in mobile solutions with regards to reverse engineering (static and dynamic) and protocol attacks.
    • Projects report writing in compliance with the laboratory and industry best practices rules.
    • Contribute to the team R&D: attack tools development, new attack development, analysis tools.
    • Security activities requires engineer to be at the state of the art, and more … Research, development and the realisation of innovative attacks on products under evaluation are task to be considered.

     

    Qualifications

     

    • Master or bachelor degree in Computer Science with good skills in mobile environment systems and applications (Android, iOS, Windows)
    • Deep knowledge in Android development, in related tools and development languages (Java, C, C++, Assembly), in Linux environment and Linux security.
    • Reverse Engineering on Android APK, Binary, APK/IPA Reversing Pentesting – Decompiling – Rooting techniques (could be a best)
    • Experience with at least one of the disassembly and debugging tools
    • Web and mobile app security analysis (e.g. IDA, Radare2,…)
    • Knowledge in reverse engineering on binaries and applications and reverse engineering tools.
    • Knowledge of mobile devices micro controller architectures including TEE (Trusted Executions Environment) would be highly appreciated.
    • Knowledge on security countermeasures on software developments: obfuscations and de-obfuscation, whitebox cryptography and related attacks.
    • A must have understanding and speaking in chinese for chinese market needs and ability to communicate with clarity and efficiency of good level english
    • Will be able to demonstrate aptitude and a strong potential to learn quickly
    • Enjoys working in a team and has the ability to engage their colleagues
    • Flexible with travelling and able to work independently, to be innovative and creative
    • Loves technology, often being curious wanting to know more and hunger for knowledge

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.