§What You'll Do
- Discover and exploit vulnerabilities in Android operating systems, applications, and firmware.
- Develop exploit chains targeting Android devices across multiple OEMs and chipset vendors.
- Build tooling to automate vulnerability discovery and triage across the Android ecosystem.
- Research new attack surfaces introduced by Android platform updates and security patches.
§Requirements
- Deep experience with Android internals: kernel, HAL, Binder IPC, SELinux policies.
- Proven track record of finding and exploiting vulnerabilities in Android (CVEs, bug bounties, or offensive work).
- Strong ARM/AArch64 reverse engineering and exploit development skills.
- Proficiency with Frida, Magisk, custom kernels, and Android debug tooling.
- Strong C/C++ and Java/Kotlin skills for systems and application-level analysis.
§Nice to Have
- Experience with Qualcomm, MediaTek, or Samsung Exynos chipset-specific attack surfaces.
- Familiarity with TrustZone / TEE exploitation.
- Experience with Android kernel fuzzing (syzkaller, custom harnesses).
- Proficiency with Ghidra, IDA, or Binary Ninja.
- Experience building with LLMs and AI agents.
- Published research or conference talks in mobile security.
§You Are
- Driven to push the boundaries of what's possible in mobile offensive security.
- Clearly interested in stepping away from purely manual research and moving toward the development of AI systems.
- Building something massive matters more to you than comfort, titles, or predictability.
- You want to be early at a company that will change an industry, and you're ready to do what that actually takes.
For Recruiters
Note to recruiting firms: Android vulnerability research is the core requirement. Exploit development and kernel experience are strong pluses. Strong preference for candidates with demonstrated offensive capability against mobile platforms.
Ready?
Apply for Android Exploitation Engineer
Email team@zealotlabs.com with a resume and a paragraph on what you want to build with us.
Apply now