Exploit Engineer - Android
DATAPILOT
Job description
Salary DOE (Annual base with bonus/bounty opportunities per year)
We are seeking an experienced Exploit Engineer responsible for discovering and engineering advanced vulnerabilities and exploit chains across modern mobile platforms, with a focus on enabling lawful access for deeper file system coverage. This position will concentrate on building in‑house exploit capabilities that expand the depth and breadth of data that can be accessed from Android devices for digital forensics software.
Keywords
- Android: EDL, AOSP, Bootloader, SELinux, Partitions(user data, system, vendor, metadata), File-Based Encryption (FBE), Full-Disk Encryption (FDE), StrongBox, Keystore/Keymaster, Rooting, ADB, Login credentials, Location data
- Language: C, C#, C++, Python, Bash/shell scripting, Assembler, Java, Kotlin
Core responsibilities
- Perform end‑to‑end vulnerability research on Android, including kernel, boot chain
- Develop and maintain reliable exploit chains and broader file systems under legal authority
- Design techniques to access and decrypt Android physical image, not just logical artifacts
- Design techniques to access keystore and preserve protected data
- Engineer techniques to bypass signature checks to load custom components for acquisition
- Continuously track new Android and hardware revisions then update exploit strategies
- Collaborate with platform teams to integrate exploit capabilities into evidence‑preservation tools
Required qualifications
- Strong reverse‑engineering skills, Vulnerability Assessments, and Exploitation Development
- Strong background with low‑level system components - kernels, bootloaders, secure boot
- Experience developing kernel exploits on modern platform - Linux/Android
- Deep understanding of mobile boot chains - bootloaders, recovery/DFU/fastboot/EDL modes
- Hands-on experience analyzing/exploiting OEM security flaws, including vendor-specific chipsets
Preferred qualifications
- Experience working closely on a major mobile OEM (e.g., ex‑Samsung or other large Android ecosystem vendors), particularly in platform security, BSP, or kernel teams
- Extensive hands-on experience with Android OS internals: AOSP build system, init, Zygote, system services, and HALs on real devices (not just emulators).
- Prior work specifically on signature‑check bypasses (bootloader, recovery, kernel, trustlet, or firmware image formats) and secure boot chain subversion for lawful access scenarios
- Previous experience in mobile forensics, lawful intercept tooling, or security product companies that focus on device access and data extraction.
DATAPILOT is a world leader in digital forensic solutions. Our software and hardware solutions are in use with thousands of law enforcement and government agencies worldwide. We strive to create cutting-edge solutions in both the government sector and legal-tech communities. DATAPILOT is headquartered in Irvine, California and is part of the Susteen family.
Job Type: Full-time
Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
- Professional development assistance
- Vision insurance
Application Question(s):
- What is your experience as Exploit Engineer on Android devices?
Experience:
- vulnerability research and exploit development: 1 year (Required)
Work Location: Hybrid remote in Irvine, CA 92612