Skip to content
mimi
All jobs · Software Engineer jobs

Android Developer/CNO/CNE - TS/SCI Jobs

Tilad Business Holding

McLean · On-site Full-time 3w ago
Apply with a tailored resume Save job

About the role

Below is a polished, ready‑to‑post job description for the Android Development Engineer (CNO/CNE) role, followed by a short “What We’re Looking For” summary, a list of core responsibilities, the required/desired skill set, and a few interview‑question ideas you can use to assess candidates for both development and CNO/CNE expertise.

📢 Android Development Engineer (CNO/CNE)

Location: [City, State] – Hybrid / Remote options available
Employment Type: Full‑time, Permanent
Team: Mobile Security & Platform Engineering

About the Role

We are looking for a senior‑level Android specialist who lives and breathes the Android operating system – from the kernel up through the application stack – and can apply that deep OS knowledge to both secure product development and vulnerability research. The ideal candidate will be equally comfortable writing production‑grade code in C/C++/C#/Objective‑C and performing hands‑on security analysis (CNO/CNE) on Android and its various “flavors” (AOSP, OEM‑customized builds, Android‑Go, Android‑Enterprise, etc.).

You’ll join a fast‑moving security engineering team that builds hardened Android components, designs mitigation strategies, and discovers novel attack vectors. Your work will directly influence the security posture of our flagship mobile products and shape the next generation of Android hardening techniques.

What You’ll Do

Area Key Responsibilities
Android OS Engineering • Design, implement, and maintain low‑level Android components (kernel modules, HALs, system services).
• Contribute to AOSP and OEM‑specific codebases, ensuring secure coding practices throughout.
Secure Development (CNO/CNE) • Perform CNO (Cyber Network Operations) and CNE (Cyber Network Exploitation) activities: threat modeling, exploit development, and mitigation design for Android platforms.
• Lead vulnerability discovery cycles (static analysis, fuzzing, reverse engineering) and produce high‑impact CVEs.
Research & Innovation • Conduct original research on Android attack surfaces (e.g., SELinux bypasses, Binder exploits, hardware‑backed keystores).
• Publish findings internally and, where appropriate, externally (conference talks, white‑papers).
Tooling & Automation • Build and maintain custom security tooling (e.g., automated fuzzers, static‑analysis pipelines, CI security checks).
• Integrate security gates into the Android build system and CI/CD pipelines.
Collaboration & Mentorship • Partner with product, QA, and infrastructure teams to embed security early in the development lifecycle.
• Mentor junior engineers on secure Android development and vulnerability research techniques.
Incident Response • Provide rapid forensic analysis and root‑cause investigation for Android‑related security incidents.
• Develop and test incident‑response playbooks for mobile threats.

Required Qualifications

Category Must‑Have
Core Android Expertise • ≥ 5 years of hands‑on experience with Android OS internals (kernel, init, SELinux, Binder, ART, etc.).
• Direct work on multiple Android “flavors” (OEM custom ROMs, Android‑Go, Android‑Enterprise, etc.).
Programming Languages • Strong proficiency in C (kernel, native libs) and C++.
• Professional experience with C# (e.g., Xamarin/MAUI) or Objective‑C/Swift (iOS cross‑knowledge is a plus).
Security & Vulnerability Research • Demonstrated experience in vulnerability discovery, exploit development, or security research on Android (published CVEs, conference talks, or security‑focused open‑source contributions).
CNO/CNE Skills • Practical knowledge of cyber‑network operations and exploitation techniques (e.g., privilege escalation, remote code execution, post‑exploitation on Android).
Tooling • Familiarity with static analysis (e.g., Coverity, Flawfinder), dynamic analysis (e.g., Frida, Xposed), and fuzzing frameworks (e.g., AFL++, libFuzzer, ClusterFuzz).
Collaboration • Proven ability to work cross‑functionally and mentor junior engineers.
Clearance • Ability to obtain/maintain a Secret (or higher) clearance if required by the project.

Desired (Nice‑to‑Have) Skills

  • Experience with Rust for safe systems programming on Android.
  • Prior work on Secure Boot, Verified Boot, or Trusted Execution Environment (TEE) implementations.
  • Contributions to open‑source Android security projects (e.g., Android Security Enhancements, Magisk modules).
  • Knowledge of hardware‑level attacks (e.g., Rowhammer, Spectre/Meltdown variants) on mobile SoCs.
  • Certifications: OSCP, OSCE, CISSP, or equivalent.

What We Offer

  • Competitive salary + performance bonus.
  • Comprehensive health, dental, vision, and 401(k) match.
  • Generous PTO and flexible remote‑work policy.
  • Access to cutting‑edge hardware labs (Pixel, Samsung, Qualcomm dev kits).
  • Continuous learning budget (conferences, certifications, courses).
  • Opportunity to shape the security of millions of Android devices worldwide.

Interview‑Question Cheat Sheet

Focus Area Sample Questions
Android OS Depth • Walk us through the Android boot sequence on a typical AOSP device. Where would you insert a custom SELinux policy?
• How does the Binder IPC mechanism work, and what are common privilege‑escalation vectors associated with it?
C/C++/C# / Objective‑C • Show a snippet of C code that safely copies data from user space to kernel space. What checks are mandatory?
• Explain the differences between managed (C#) and unmanaged (C/C++) memory handling on Android.
Vulnerability Research • Describe a recent Android CVE you discovered (or studied). What was the root cause and the mitigation?
• How would you set up a fuzzing campaign for the Android media framework?
CNO/CNE • What steps would you take to gain persistence on a compromised Android device without root?
• Explain how you would perform a network‑based exploit against an Android device’s ADB service.
Tooling & Automation • Which static analysis tools do you trust for kernel code, and why?
• Design a CI pipeline that automatically runs a set of security checks on every Android build.
Incident Response • A user reports a malicious app that can read SMS messages. Outline your forensic investigation workflow.
Soft Skills • Tell us about a time you mentored a junior engineer through a complex security bug.
• How do you balance shipping features quickly with maintaining a high security bar?

How to Use This Posting

  1. Copy & paste the “About the Role” section into your ATS or job board.
  2. Adjust Location, Compensation, and Clearance details to match your organization’s specifics.
  3. Use the Interview‑Question Cheat Sheet as a starting point for technical screens and deep‑dive interviews.
  4. Share the “What We Offer” bullet points with candidates to highlight your competitive advantages.

Ready to attract top‑tier Android security talent?
If you need further customization (e.g., adding company‑specific values, tweaking the benefits list, or creating a tailored assessment project), just let me know—I’m happy to help you fine‑tune the posting or design a hands‑on coding/research challenge for candidates.

Requirements

  • Android (also flavors of Android) deep OS experience is a MUST have.
  • Both development and CNO/CNE skills required.
  • Vulnerabilities research experience

Skills

C#CObjective-C

Similar roles

Backend Java Engineer - Clearance Required

BTI360

Senior Software Engineer (Big Data)

KDA CONSULTING INC

Principal Software Engineer -Graphics

Microsoft AI

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free