iOS Engineer: App Analysis

As an iOS engineer, you will be responsible for improving our scanning engine, for analyzing iOS applications and automatically finding security and privacy issues.

You will:

• Work with the mobile team on a set of tools we've built to statically analyze IPAs in order to find security issues. We have open-sourced parts of our iOS static analyzer at https://github.com/datatheorem/strongarm.
• Improve our dynamic analyzer, which instruments mobile applications in order to study their behavior while running on a device, and detect dangerous actions that could lead to security issues.
• Research and build new security checks to be added to our scanning engine, so we can help customers build more secure iOS apps.

We’re looking for someone who has:

• Significant experience implementing iOS applications and tools.
• Good understanding of the iOS runtime.
• Some experience writing tools in Python.
• Bonus points: experience with taking apart iOS software in order to understand and/or modify it. This includes experience with Objective-C runtime APIs (ie. swizzling) and tools such as CydiaSubstrate, Frida, etc.
  • No information security experience required - we are more interested in software engineering backgrounds.