Digital Forensic Researcher Mobile Device Hacking

Functieomschrijving

Immerse yourself in research projects covering the analysis, reparation, and accessibility accessing of modern integrated circuits at various levels, from packages to components. In addition, contribute to law enforcement in the Netherlands. You will only find that unique combination at the Netherlands Forensic Institute, where you get to work as a digital forensic researcher and examiner.

As a digital expert in the field of mobile device hacking, you will strengthen the Digital Technology team. Your challenge? Reverse engineer the workings and security of mobile consumer devices. Develop a method on a reference device in such a way that it can be applied on confiscated devices, in order to extract the data or break through the security and recover the information within the device.

You will collaborate with experts of the Digital Technology team that are proficient in reverse engineering, engineering, crypto, and data-analysis. You will support the development of setups that are used to analyse target devices with side-channel analysis and fault injection. On the other hand, you will familiarise yourself in attack concepts developed by others and adjust these for use in forensic cases.

Both on a software and hardware level, using your low-level knowledge of embedded devices, the code you will develop will run close to the firmware or even lower, so stable measurements can be acquired. You will make small changes in the hardware of target devices in order to access relevant signals and optimize measurement setups. To be able to do so, you will analyse software (reverse engineering) and hardware of the target devices at the lowest level, for a large part in a black box scenario.

Obtaining access of secured mobile devices is a multidisciplinary problem that includes other fields of expertise such as chip-off, silicon analysis, exploit development, FPGA-engineering, and cryptography. This is why you will include your colleagues in the team Digital Technology and their international partners where necessary. Besides this, you can shape and focus your research by yourself. You must be able to work well individually, but you do not hesitate to ask for help when needed and have a pragmatic attitude.

Functie-eisen:

• Proven, preferably practical, low-level knowledge of embedded systems (hardware and firmware).
• Provable, preferably practical, knowledge of Android’s chain of trust.
• Knowledge of FDE, FBE, Keymaster and StrongBox is preferred.
• Provable, preferably practical knowledge and experience with (hardware) reverse engineering.
• Experience with software reverse engineering on a variety of layers (ROM, firmware, kernel, PBL, SBL, XBL, aboot, sboot, Android) is preferred.
• Knowledge of trusted execution environments is preferred.
• You have an affinity with simulating firmware.
• Experience (or affinity with) with micro-soldering is preferred.
• University level education, preferably with a large computer security component.
• You have a wide interest of integrated components, signal analysis, and cryptography.
• You are able to focus on and execute your own research and communicate about this with your colleagues.
• You are a team player, good in collaborating, and like to take initiative.
• You have an affinity with hardware development (FPGAs, PCB-development).
• You have an affinity with software development (VHDL, C, Python).
• You have an affinity with security and justice.

Competencies:

• analytical ability
• judgement
• persuasiveness
• collaborate
• planning and organising
• creativity