Senior Security Consultant (Android Malware Reverse Engineering) in London

NetSPI® pioneered Penetration Testing as a Service (PTaaS) and leads the industry in modern pentesting. Combining world‑class security professionals with AI and automation, NetSPI delivers clarity, speed, and scale across 50+ pentest types, attack surface management, and vulnerability prioritization. The NetSPI platform streamlines workflows and accelerates remediation, enabling our experts to focus on deep dive testing that uncovers vulnerabilities others miss. Trusted by the top 10 U.S. banks and Fortune 500 companies worldwide, NetSPI has been driving security innovation since 2001.

We are looking for individuals with a collaborative, innovative, and customer‑first mindset to join our team. We are seeking an experienced professional with demonstrated technical depth and breadth in Android Malware Reverse Engineering as well as the soft skills to effectively communicate with executive and technical teams. In this role, you'll have the ability to work alongside a world‑class team using top‑tier custom tools. Applicants are expected to leverage strong problem‑solving skills, as well as lead, collaborate, and innovate to deliver high‑quality exercises and exceptional experiences for our customers.

• Perform malware reverse engineering on Android applications.
• Create and deliver reports to clients.
• Collaborate with clients to create remediation strategies that will help improve their security posture.
• Research and develop innovative techniques, tools, and methodologies for reverse engineering Android applications.
• Participate in the ongoing development/enhancement of NetSPI services and processes, in addition to thought leadership (via blogs, presentations, white papers, webinars, podcast, vlogs and tweets).
• Provide pre‑sales support by assisting with scoping prospective engagements.
• Act as a resource for internal team members as it relates to in‑depth technical questions or best practices.
• Responsible for QA activities in assigned service lines.

• Bachelor’s degree or higher, preferably in Computer Science, Engineering, Mathematics, IT, or a related field; equivalent experience will also be considered.
• 1-5 years of experience performing Android malware reverse engineering, including experience with reversing tools such as Ghidra, IDA, jadx, etc.
• 3-5 years of offensive security experience.
• Experience with disassemblers and debuggers.
• Experience with dynamic instrumentation toolkits, examples include Frida.
• Strong communication skills, both verbal and written.
• Knowledge of Android Operating System.

• Programming experience in one or more of the following languages: Java, JavaScript, Python.
• Experience analyzing malicious Android applications.
• The ability to reverse engineer proprietary application layer protocols.
• Knowledge of operating system and application internals for Android.
• GREM, PMRP, Zero2Automated or similar certifications.

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law.