Reversec
Malware Reverse Engineer (Android) - UK

How your CV stacks up
Upload your CV to see how well it fits this job role
?%
Location: UK (Offices in London and Manchester)
About Reversec
At Reversec, we deliver research-led cyber security services that help organisations defend against real-world threats and build long-term resilience. Our consultants are a diverse team of highly skilled technical experts, researchers, and creative problem-solvers who are passionate about advancing the cyber security industry.
We believe great consultants are empowered consultants. Our people take ownership of their professional development, contribute to meaningful research, and have the freedom to shape the way we work. If you're driven by curiosity, enjoy solving complex technical challenges, and thrive in an environment that values innovation and continuous learning, we'd love to hear from you.
The Role
Reversec is a specialist security consultancy built on deep technical expertise, research, and real-world security engineering. Our consultants regularly analyse highly obfuscated software, reverse engineer complex applications, develop custom tooling, and contribute to open-source security projects used throughout the industry. Reversec maintains Android security tooling such as Drozer and invests heavily in research-led capability development.
We are seeking Android reverse engineers and malware analysts across all experience levels (from those building their skills to seasoned experts) to join a specialist team supporting one of the world's largest technology platforms.
As an Android Malware Reverse Engineering Analyst, you will investigate complex and evasive Android applications, identify malicious functionality, conduct detailed reverse engineering, and support automated detection development.
You will work as part of a specialist malware analysis team responsible for investigating applications that fall outside standard analysis processes and require advanced technical expertise. This includes malware research, incident investigations, escalation handling, detection engineering, and quality assurance activities.
We're recruiting analysts across multiple career stages, from aspiring reverse engineers to experienced malware researchers. Your responsibilities and the expectations placed on you will depend directly on the experience you bring. Experienced analysts will take on complex samples and investigations with a high degree of independence, provide mentorship to junior team members, and assist in developing internal tooling and processes. Analysts earlier in their careers will carry out similar categories of work, with closer support and a remit that grows as their skills develop. Wherever you start, training will be available to bring you up to the standard the team works to.
Reasons to use Rodeo
I’m in my final year doing Economics and I don’t know whether to apply for grad schemes now or do a masters first. What do you think?
Honest answer — it depends on where you want to end up. A lot of top grad schemes (Big 4, civil service, banking) don’t need a masters. Let’s look at the ones you’d be competitive for now, and we can decide if a masters actually adds anything.
Also worth knowing: most autumn 2026 applications are open now. Timing matters more than you think.
Start with a chat, not a search bar
Grad scheme, placement, apprenticeship? Not sure what you want yet — that's fine. Your agent talks it through with you and turns "I have no idea" into a shortlist.
Graduate Consultant — 2026 Scheme
Why you're a good match
StrongYour economics background and your summer at a regional bank line up with what PwC looks for on the consulting scheme. Applications close in four weeks.
See breakdownIt searches the market for you
Every day your agent scans the market matching roles against what actually matters to you, not just keywords on a CV.
Why you're a good match
You’ve got the grades and the economics background, and your bank internship is exactly the experience this scheme looks for. Apply soon — deadlines close within the month.
Experience fit
Your summer at the bank plus your econometrics coursework map directly to the day-one responsibilities on this scheme — client modelling, market briefings, and deal support.
Only hits
No noise. No "maybe this fits." Just roles with a clear explanation of why they're right — and where to focus when applying.
Key Responsibilities
All analysts contribute across the areas below. The complexity of the cases assigned to you, the degree of independence expected of you, and any additional oversight and reporting duties will reflect your experience.
Malware Reverse Engineering
- Perform detailed static and dynamic analysis of Android applications and SDKs.
- Analyse heavily obfuscated Java/Kotlin applications, native code, and framework applications (e.g., Flutter, .NET MAUI, React Native).
- Investigate packers, in-memory loading techniques, encrypted payloads and anti-analysis mechanisms.
- Determine application behaviour and identify potentially harmful functionality.
Investigation & Incident Response
- Conduct complex investigations into suspicious applications and malware campaigns.
- Support escalations and urgent high-priority investigations.
- Analyse internal and external malware leads.
- Identify indicators, behaviours, attack techniques and attacker objectives.
Detection Engineering
- Develop and validate detection logic and automated rules.
- Support improvements to malware detection capabilities.
- Work with analysts and engineering teams to improve investigative efficiency.
Quality & Peer Review
- Review analysis performed by other analysts.
- Validate technical findings and enforcement decisions.
- Ensure consistent technical standards and reporting quality.
Research & Tool Development
- Develop one-off tools, scripts and automation to support investigations.
- Contribute to internal research initiatives.
- Stay current with evolving Android threats, malware techniques and analysis methodologies.
Experience and Expectations
We do not require a fixed profile. Instead, we will calibrate expectations to the experience you bring In all cases, you will need:
- Strong programming fundamentals in at least one object-oriented language.
- A genuine interest in Android internals and how malicious software works.
- An investigative mindset – curiosity, persistence, and attention to detail.
- Clear written and spoken communication in English.
If you are an experienced analyst, we expect proven experience in one or more of: Android malware analysis, Android application security testing, mobile application reverse engineering, malware research, threat research, or mobile threat intelligence. You should be able to demonstrate skills across Java and Android internals, Smali and DEX analysis, Android application architecture, static and dynamic analysis techniques, analysis of obfuscated code, native Android libraries (C/C++), and scripting or tool development (e.g. Python). In return, you will be trusted to work independently on complex cases from an early stage, lead urgent escalations, review the work of others and mentor colleagues.


Get help with your application
Your very own career expert that helps elevate your application to the next level.
If you are earlier in your career, we do not expect the above on day one. Show us evidence that you enjoy understanding how software works and are actively developing technical security skills - CTFs, crackmes, personal reverse engineering projects, relevant coursework or published write-ups. You will receive structured training and mentoring to bring you up to the team's standard, and your responsibilities will expand as your capability does.
Candidates anywhere between these two points are equally welcome: tell us what you can already do, and we will shape both expectations and training around it. Work is allocated according to capability and experience. All analysts receive structured mentoring, peer review and continuous technical development
Technical Skills
An ideal candidate will demonstrate experience with some of the following:
- Reverse engineering and static analysis – use of decompilers and disassemblers, particularly to tackle heavily obfuscated code, native libraries, and custom cryptography
- Dynamic analysis – frameworks like Frida and LSPosed particularly welcome
- Malware analysis – detection development, behavioural analysis
- Software development – Kotlin, Java, Python, C/C++
Why Join Reversec?
Because the work here is hard, and that’s the point. We are a research-led organisation with expertise recognised across the industry, and the problems we take on rarely come with cookie-cutter answers. You’ll solve them alongside some of the strongest security specialists in the field.
We’ll invest in you too – through internal training, mentoring, and room to develop. What you build here won’t stay internal: our tooling, research, and methodologies are used throughout the security community.
“It took my CV and asked me questions relevant to understanding what kind of jobs to suggest for me. Suggestions were almost perfect. Jobs were exactly what I’ve been looking for.”
Jessica, London
Skills
Location