The Product lock analyst - Android security is responsible for testing and helping maintain company's proprietary device locking technology against various bypass methods and tools, after every OS Over-The-Air (OTA) update, any update to our lock technology itself and any update to the in-market tools.
Responsibilities
- Proactively and systematically test device locking mechanism on a diverse range of Android devices and OS versions following every OTA update.
- Conduct thorough, periodic testing of the lock after every update or modification to the company lock technology.
- Actively research, identify, acquire, and utilize existing and emerging lock-breaking tools, software, hardware techniques, and methodologies (e.g., factory reset exploits, bootloader vulnerabilities, ADB exploits, custom ROM flashing, FRP bypass tools) to attempt to bypass the company lock.
- Develop, maintain, and execute comprehensive test plans, test cases, and test scenarios specifically focused on lock security, bypass attempts, and anti-tampering features.
- Simulate various attack vectors and user behaviors that could lead to a lock bypass.
- Document all testing activities, methodologies, findings, discovered vulnerabilities, and precise steps to reproduce in a clear, concise, and actionable manner using our bug tracking system (e.g., JIRA).
- Collaborate closely with Android developers, security engineers, and product managers to report vulnerabilities, discuss root causes, propose mitigation strategies, and verify the effectiveness of fixes.
- Provide detailed reports on test execution, vulnerability status, and overall lock security posture.
- Stay continuously updated on the latest Android security vulnerabilities, platform changes, rooting techniques, bootloader unlocking methods, custom firmware, and new bypass tools/techniques relevant to device locking mechanisms.
- Maintain and manage a lab environment with various Android devices, testing tools, and necessary infrastructure.
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field, or equivalent practical experience.
- 3+ years of experience in Quality Assurance, with at least 1-2 years specifically focused on mobile application testing on the Android platform, proven hands-on experience and a strong curiosity for attempting to bypass software-based locks, security mechanisms, or device restrictions.
- Strong understanding of the Android OS architecture, including bootloader, recovery mode, ADB (Android Debug Bridge), fastboot, system partitions, and security features.
- Familiarity with common Android rooting techniques, custom ROMs (e.g., LineageOS), and tools used for device modification (e.g., Magisk, Xposed Framework for understanding potential attack vectors).
- Experience with Android debugging tools (e.g., Android Studio, Logcat, Wireshark/tcpdump for network analysis if relevant).
- Meticulous attention to detail, strong analytical, and problem-solving skills.
- Excellent written and verbal communication skills, with the ability to document technical issues clearly and effectively.
- Ability to work independently, manage priorities, and take ownership of assigned tasks in a fast-paced environment.
