Job Description

Location: SINGAPORE, Singapore

Thales people architect identity management and data protection solutions at the heart of digital security. Business and governments rely on us to bring trust to the billons of digital interactions they have with people. Our technologies and services help banks exchange funds, people cross borders, energy become smarter and much more. More than 30,000 organizations already rely on us to verify the identities of people and things, grant access to digital services, analyze vast quantities of information and encrypt data to make the connected world more secure.

Thales established its presence in Singapore in 1973 to support the expansion of aerospace-related activities in the Asia-Pacific region. Throughout the last four decades, the company grew from strength to strength and is today involved in the primary businesses of Aerospace (including Air Traffic Management), Defence & Security, Ground Transportation and Digital Identity & Security. Thales today employs over 2,100 people in Singapore across all its business areas.

As a Mobile Security Expert in Thales Digital Identity and Security (DIS), a leader in cybersecurity, you will gain international exposure and have the possibility to work with teams from different geographical locations (i.e. France, India, Singapore, United States). Being amongst various cybersecurity experts, you will be exposed to different challenges, gaining knowledge and building further expertise from working with mobile experts coming from various domains. In addition, you will be able to make use of your expertise to influence and define the mobile cybersecurity ecosystem.

Responsibilities:

• Penetration testing and reverse engineering on Android and iOS.
• Identify risks and propose ways to harden the mobile app/ library security
• Provide technical risk analysis, threat identification and countermeasure recommendations to business requirements
• Participate in secure design of new products and features
• Security research on new threats and technologies
• Define the official mobile security process for mobile teams
• Keeping abreast of new threats and vulnerabilities to mobile applications and the industry to provide proactive solutions

Knowledge, Skills & Experience:

• Experience in penetration testing of mobile applications (Android, iOS)

• Understanding of the attack paths on mobile applications
• Programming languages: Python, Shell script, Java, C, ARM/INTEL assembly, Objective-C
• Common OS exploits: Jailbreaking/Rooting/Flashing a device, custom kernels, custom ROMs, hooking frameworks
• Knowledge of classic attacking techniques: data cloning, reverse engineering, traffic interception, hooking, debugging (like gdb, jdb, other tools like Burp suite, Substrate, Frida, Cycript, IDA...)
• Interest and understanding of low-level aspects of operating systems

• Syscalls, processes, daemons, virtual memory, kernel extensions

In the past, Mobile Security Experts have frequently presented their expertise in various security conferences, including Hack In The Box, Blackhat Asia, Android Security Symposium, Sincon etc.

At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now!