Mobile Malware Engineer

Mobile Malware Engineer

Job Location s: US-MD-Linthicum

Peraton is hiring a Mobile Malware Engineer to analyze, reverse engineer, and characterize malicious software targeting Android and iOS platforms in support of a federal government customer. Using expertise in malware reverse engineering and analysis, the engineer will evaluate complex malicious code through tools including disassemblers, debuggers, hex editors, unpackers, virtual machines, and network sniffers. The engineer will investigate instances of malicious code to determine attack vectors, payloads, and the extent of damage and data exfiltration – delivering actionable intelligence products that directly support national security missions.

• Perform static and dynamic analysis of mobile malware on Android and iOS platforms.
• Reverse engineer ARM/ARM
  64 binaries; unpack APK/IPA files, bypass runtime protections, and conduct reverse engineering of known and suspected malware files.
• Identify C2 infrastructure, persistence mechanisms, and indicators of compromise (IOCs); investigate attack vectors, payloads, and the extent of data exfiltration.
• Identify vulnerabilities in binaries, analyze shellcode, and recommend preventative or defensive actions.
• Develop custom tooling, automation scripts, and YARA detection signatures; build network and host‑based signatures and recommend heuristic or anomaly‑based detection methods.
• Produce technical reports with MITRE ATT&CK for Mobile mappings, remediation recommendations, and detailed documentation of malware behavior and command‑and‑control infrastructure.
• Perform ongoing research into malicious software, emerging vulnerabilities, and exploitation tactics to stay ahead of evolving threats.
• Collaborate with forensics, vulnerability research, and cyber operations teams.

This position requires full-time, onsite attendance Monday through Friday in the Baltimore metropolitan area.

• Bachelor's + 8 yrs experience, or Master’s + 6 yrs experience. A degree in Cybersecurity, Computer Science, Software Engineering, Information Technology, Information Systems, or related field is highly desired. However, an additional four years of experience may be considered in lieu if a Bachelor's degree.
• Proficiency in ARM/ARM
  64 assembly and low-level binary analysis.
• Strong knowledge of Android and iOS internals (APK/IPA structure, ART runtime, Mach-O binaries)
• Hands‑on experience with Ghidra, IDA Pro, Jadx, Frida, MobSF, Corellium.
• Scripting in Python; familiarity with Java, Kotlin, or Swift.
• Active Top Secret with SCI eligibility clearance required.

• Experience with CNO tool chains or offensive mobile capability development.
• Familiarity with nation‑state APT campaigns targeting mobile endpoints.
• Knowledge of MDM/EMM environments and mobile forensics tools (Cellebrite, Oxygen Forensic).
• Published research, CVEs, or open‑source contributions in mobile security.

GREM, GMOB, eMAPT, OSED, OSCP, CISSP, or CompTIA Security

X.

$135,000 - $216,000. This represents the typical salary range for this position. Salary is determined by various factors, including but not limited to, the scope and responsibilities of the position, the individual's experience, education, knowledge, skills, and competencies, as well as geographic location and business and contract considerations. Depending on the position, employees may be eligible for overtime, shift differential, and a discretionary bonus in addition to base pay.

Equal opportunity employer, including disability and protected veterans, or other characteristics protected by law.