Onsite
Full Time Posted 3 days ago
I'm Interested

Job Type

Full Time

Job Details

At Jamf, people are at the core of everything we do. We do what’s right for our customers, our employees, our communities and our world. We take pride in simplifying technology for tens of thousands of customers around the globe and helping organizations succeed with Apple.

 

Jamf operates as a choice-based office model. Choose to work in the office, connect 100% remote from your home, or find the blend that works best for you.

 

This role is based in Tel Aviv, Israel. We are only able to accept applications for those based in Israel or have sponsorship to live and work in Israel.

 

What you'll do at Jamf:

At Jamf, we empower people to be their best selves and do their best work. Security Researcher plays a critical role in advancing Jamf mobile security research efforts. This role is responsible for investigating and analyzing security vulnerabilities, developing cutting-edge techniques for mobile device forensics, and contributing to the development of innovative solutions that protect Jamf clients' mobile ecosystems and to publish security research.

 

 

 What you can expect to do in this role:

  • iOS Security Analysis: Conduct in-depth analysis of iOS security mechanisms, including the secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection. Identify weaknesses and potential vulnerabilities within the iOS ecosystem.
  • Vulnerability Assessment: Perform comprehensive vulnerability assessments of iOS applications using industry-standard frameworks such as MITRE, OWASP Mobile Security Testing Guide, and tools like Burp Suite. Identify and document security issues and propose mitigation strategies.
  • Attack Vector Analysis: Explore potential attack vectors that could compromise iOS devices and applications. Develop a deep understanding of the iOS threat landscape and post-exploit scenarios to anticipate and counteract security threats effectively.
  • Reverse Engineering: Utilize reverse engineering techniques and tools such as IDA Pro, Hopper, and Ghidra to dissect iOS applications and firmware. Analyze binaries, disassemble code, and reverse engineer software components to uncover vulnerabilities and weaknesses.
  • Privilege Escalation Research: Investigate iOS privilege escalation techniques and vulnerabilities, staying ahead of potential threats. Research and develop countermeasures to protect against privilege escalation attacks.
  • Development Contributions: While not mandatory, the ability to develop security-related tools, scripts is an advantage. Contribute to the creation of custom tools or enhancements that aid in mobile forensic analysis and security assessments.
  • Documentation and Reporting: Create detailed reports and documentation of security findings, methodologies, and recommended solutions. Communicate research results effectively to both technical and non-technical stakeholders through written reports and presentations.
  • Collaboration: Collaborate closely with cross-functional teams, including fellow researchers, software developers, and cybersecurity experts, to share insights, collaborate on security initiatives, and contribute to the development of secure mobile solutions.
  • Stay Current: Continuously monitor and stay up-to-date with the latest developments in iOS security, vulnerabilities, and exploits. Contribute to threat intelligence by sharing relevant information with the team.

 

What we are looking for:

  • Minimum of 5 years of experience in relevant field
  • Minimum of 4+ years of experience in vulnerability assessment of iOS applications (e.g., MITRE, OWASP Mobile Security Testing Guide, Burp Suite) 
  • Minimum of 5 years of experience in Reverse Engineering (e.g., IDA Pro, Hopper, ghidra) 
  • Understanding of potential attack vectors and post-exploit scenarios
  • Understanding of iOS security mechanisms (secure boot process, sandboxing, code signing, keychain, secure enclave, and data protection)
  • Knowledge of iOS Privilege Escalation techniques
  • Product development capabilities (preferred)
  • Fluent English - Writing & speaking

 

EDUCATION & CERTIFICATIONS

  • BSc or other relevant degree – an advantage.
Mission
We're connecting diverse talent to big career moves. Meeting people who boost your career is hard - yet networking is key to growth and economic empowerment. We’re here to support you - within your current workplace or somewhere new. Upskill, join daily virtual events, apply to roles (it’s free!).
Are you hiring? Join our platform for diversifiying your team
Senior Security Researcher (iOS)
I'm Interested