Hey, Software Engineers, has the murky world of cyber security ever intrigued you? Does the idea of flexing your dev skills to reverse engineer weird and wonderful kit appeal to you? Would you love to use your engineering knowledge to contribute to cutting edge research which actually matters?
If so, this could truly be a one-of-a-kind opportunity for you to pivot into the middle ground between software engineering and cyber security. These opportunities are incredibly rare, so if your interest is piqued, and the mobile space appeals to you, please, keep reading.
So, what’s this business all about and why might they interest you? This business occupies the space that gets the coolest and most interesting work. Fact. They don’t build (or break) boring stuff; they build incredibly sophisticated, bespoke tools and software products from the ground up, conduct cutting edge security research, and they work on projects which actually count for something and are never made public. Exclusivity and technically fascinating work abounds with this business.
Sounds interesting, right? Well, what will you actually be doing in this role? To start, you’ll be joining a specialised, nimble security research team; a team that’s responsible for conducting cutting edge security research across a large swathe of technologies, and enhances bespoke, meaningful software products which have been built from the ground up. This is an “internal” role which doesn’t include customer interaction or rote report writing.
Initially, the role will have a mobile applications focus, so you’ll be doing things like:
- Testing and iOS and Android apps to improve the internal mobile analysis framework.
- Analysing mobile app / device traffic.
- There will be an automation piece (you’ll be playing with Ansible, Docker, Terraform, etc.).
- Build upon your Android/iOS skills to manage applications and device pools.
- Work alongside developers to ensure the accuracy of results obtained by our internal mobile analysis framework.
- Gaining exposure to some weird and wonderful stuff like rooting & jailbreaking devices, and reverse engineering IPA/APKs (you’ll start playing with cool tools like Ghidra, Frida, Radare2, etc.)
- As time progresses, you’ll start participating in broader security research, working with your colleagues on brand new research ideas in a variety of different domains.
What do skills or qualities do you need to succeed in this role? This is where things get interesting as while there’s a definite cyber security component to this role, you don’t need professional/commercial cyber security experience to be considered. Let’s repeat that;
you do not need professional/commercial cyber security experience to be considered.
What you will need, however, is to tick the following boxes:
- Demonstrable programming and scripting skills are a must (Python, Java, .Net, Bash, Ruby, Powershell, Rust – you don’t need to be a wizard with all of these, but handy with enough of them).
- An active interest in the cyber security space, especially the offensive security realm; one which can ideally be displayed with one of the following:
- perhaps you’ve acquired a relevant security cert (eJPT, PNPT, OSCP, etc.)
- maybe you spend your spare time lurking in labs and playing on platforms (Hack The Box, TryHackMe, Proving Grounds, etc.)
- possibly you’re active in the Bug Bounty scene (discovering and reporting security vulnerabilities)
- You’re physically based on the ground in Melbourne.
- You’re an Australian citizen.
What can this role offer you? Besides genuine career progression and the rare chance to enter of the most interesting spaces around, things like:
- A base salary of up to $120k, aligned with your own experience and skills.
- Work from home (while physically rubbing shoulders with your colleagues from time to time is nice, rest assured you won’t be chained to a desk – this ain’t Twitter, HA).
- A genuinely chilled out culture: shorts, hoodies and jeans are the norm, amusing gifs are commonplace and your time outside of work hours isn’t just acknowledged, it’s fiercely defended.
- A manager who is a truly stand-up individual: they’re intelligent, creative, empathetic, understanding, and they know that work is work, and that your time is your time.
- Flexibility and respect, but… really. Need to take your kids to school? Cool, get it done. Don’t want to be working extra hours? You absolutely won’t be. Want your leave to actually be a leave from work? It really will be. No interest in copping work emails when you’re on the couch relaxing? You won’t receive any. You get the gist.
Reach out, say hi, and let’s have a chat about YOU. Contact me, Michael, directly on mpearman@decipherbureau.com or apply to this role. Please rest assured anything discussed is kept 100% confidential, and only between you and me.
Decipher Bureau and the clients we partner with are committed to creating a diverse environment and are proud to be equal opportunity employers. All qualified applicants will be considered for employment without attention to race, colour, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.