Senior iOS/macOS kernel Vulnerability Researcher

Quarkslab is a French company specializing in information security R&D, consulting and software development. Our expertise is in combining offensive and defensive security to help organizations adopt a new security posture: Force the attackers, not the defender, to adapt constantly. Through our consulting services as well as our software we provide tailored solutions to organizations, helping them to protect their assets, sensitive data, and users against increasingly sophisticated attacks.

Quarkslab is an avid and active user of, and contributor to, Open Source Software and develops and maintains state-of-the-art security tools such as LIEF , QBDI, Triton, Irma, and several other projects.

We develop two commercial software products: QFlow, a platform to automate and orchestrate security analysis of files at scale, and QShield, advanced code and data protection software to disrupt code lifting, reverse engineering and tampering attacks.

You will be joining the mobile team, as an iOS/macOS security researcher. Your daily work will consist of vulnerability research on the XNU kernel and associated components, through reverse engineering closed source code, code auditing available source code, developing tools such as fuzzers to ease the process of vulnerability research.

Your work will go from vulnerability research to implementing Proof Of Concept of the exploitation of vulnerabilities, and bypassing the mitigations. You will also be potentially required to create and deliver training, internally and / or externally.

About the Lab
Within Quarkslab, the Lab, composed of 38 engineers, carries out projects, internal or external, around the following themes:

• Reverse engineering: understanding how a program works without having the source code;
• Cryptography: analyzing or designing cryptography in applications to increase security properties;
• Vulnerability research: evaluate the robustness of a target, identify vulnerabilities and develop exploits;
• Hardware and software security: working on smart card-based systems, designing software and hardware architectures and testing their security level.

These projects are conducted in different technical environments, from general public operating systems to dedicated SOCs and hardware. We focus on the internal mechanisms of these systems with specific tools (see our public tools such as Triton, LIEF or QBDI). They are developed for our customers (software editors, industry, large accounts, administration), and in the framework of internal R&D projects.

Why work at Quarkslab?
Work with an amazing team, eager to learn and play with new approaches and technologies, mixing various skills (security, compilation, program analysis, reverse engineering, software engineering). International environment with offices in Paris and Buenos Aires (team croissants vs. team asado), representations in Tokyo and Singapore.

• Attend conferences in your field, learn from many internal events (weekly conference, trainings, research activities).
• Contribute and support Open Source Software: Our own tools and other people’s projects.
• Flexible work hours, work from home.
• Premium health insurance.

Recruitment Process:

1. Call with our Talent Acquisition Manager
2. Call with Hiring Manager
3. Resolution of a technical challenge
4. Technical interview in our Paris / Rennes offices or via video conference
5. HR debriefing and job offer

Quarkslab is proud to be an equal opportunity employer in the workplace. We are committed to equal employment opportunity regardless of ethnicity, color, ancestry, religion, gender, national origin, sexual orientation, age, citizenship, marital status, disability or gender identity. If you have a disability or special needs that require certain accommodations, please let us know and we will be happy to consider them.

Here is a list of the skills and knowledge desired for the proposed position:

• Understanding the main components of an Operating System;
• Knowledge of macOS and iOS architecture;
• Familiarity with CPU architecture;
• Profiency in AARCH64, x86_64;
• Ability to exploit common memory corruption vulnerabilities, and bypass anti-exploitation mitigations;
• Knowledge of the anti-exploitation mitigations in iOS/macOS and jailbreaking;
• Reverse Enginering, and developing plug-ins for tools such as IDApro and Ghidra;
• Dynamic Analysis and Debugging;
• Secure coding and secure auditing;
• Ability to develop and use fuzzers;
• Experience with hypervisors and browsers is a plus.