our mission
Dataflow Security is a boutique R&D firm that specializes in providing novel and cutting-edge research to its clients to keep society safe.
about us
We are a front-runner with a proven track record in finding and exploiting vulnerabilities in most popular mobile products for many consecutive years. The source of our knowledge is our vast experience with the overall mobile platforms’ architecture, their subsystems and subcomponents, and the interaction between them.
services
Vulnerability Research
Our researchers will collaborate with your internal research team to achieve their goals in an efficient and productive way.
You may want to retain our services in case:
- You’re having difficulties in finding a vulnerability in a complex codebase
- You’re lacking internal researchers / know-how in a specific area of the codebase
- You need help reversing and analyzing a closed-source piece of code
Exploit Development
Below are the use cases for retaining our exploit developers:
Exploiting
You have an exploitable bug, but it is hard to exploit it
Optimizing
You have an exploit and you need to optimize its reliability and/or execution time
Porting
You have an exploit that needs to be ported to different vulnerable device models
Chaining
You have a couple or more exploits that need to be chained
Training Services
We provide training services tailored to your specific needs.
contact us
Business Inquiries
Please note: our services and exploits are available only to government agencies and their certified vendors.

Found a bug (crash) in iOS or Android?
Reach out to discover its current value.

job inquiries
For more details on how to apply, contact us at:

Senior Security Researcher


We are looking to fill the position of a senior security researcher. A person in this role will conduct vulnerability research on modern mobile software stacks of different vendors.
Responsibilities:
- Planning and conducting vulnerability research, reverse engineering and exploit development around mobile browsers, messaging apps or operating systems;
- Providing unbiased insights and ideas;
- Writing blog posts and white-papers on the topics of cyber security;
- Participating on behalf of Dataflow at conferences and information security competitions.
Requirements:
- Must be able to apply a methodical approach to rigorously analyze and document the attack surface of unfamiliar and possibly large target code bases;
- Track record of findings of impactful vulnerabilities (e.g., RCE, Sandbox escape, privilege escalation) in a mobile browser, mobile messaging app or Android/iOS kernels during the last 2 years;
- Deep knowledge of memory corruption vulnerabilities;
- Deep knowledge of exploitation is a plus, but not required;
- Must be willing to conduct long term and widely scoped security research projects.
- Good written English.
What we offer:
- Finance: Highly competitive compensation package with an additional monetary bonus system based on vulnerability findings;
- Career Development: Enjoy off-topic time and access to the most attractive international training, conferences, hackathons, and more;
- Wellness: We offer a prime wellness program designed to promote a healthy lifestyle, which includes, but not limited to access to gyms around the world, health coaching, and more;
- Work Environment: Fully remote work environment as part of experienced and renowned mobile security researchers.
Head of Engineering


We are looking to fill the position of Head of Engineering. A person in this role will be responsible for leading our engineering team and help Dataflow maximize its internal engineering efforts, tools and infrastructure. To be successful in this role, you should be confident leading our engineering team while, at the same time, setting goals, budgets and timelines for various projects. We also expect you to be in charge of integrations and software development plans from ideation to execution.
Responsibilities:
- Leading and developing the engineering and DevOps team;
- Implementing best practice engineering methods;
- Providing technical guidance to engineering teams and top management;
- Planning, managing and executing internal engineering projects, such as R&D, infrastructure and business applications;
- Prepare and manage the engineering team budget;
- Recruiting engineers and coordinating their training;
- Generating, implementing and optimizing process improvements;
- Investigating digital technologies and making suggestions to the VP of Information Security;
- Designing and implementing new IT & security products and procedures;
- Creating new ways to address existing security challenges;
- New duties and responsibilities may be added or removed throughout your period at the company.
Requirements:
- Leadership abilities with a strategic mind;
- A strong background in software engineering (at least 5 years);
- Experience working as part of or leading an engineering team with agile methodologies (e.g. Scrum);
- Experience working with Linux/Python-based application stacks;
- Basic familiarity with Ansible;
- Familiarity with infrastructure and networking topics;
- Ability to be successful leading a team at a remote-only company;
- Ability to take initiatives and generate results;
- Good and effective verbal and written English communication skills.
What we offer:
- Finance: Highly competitive compensation package;
- Career Development: Enjoy off-topic time and access to the most attractive international training, conferences and more;
- Wellness: We offer a prime wellness program designed to promote a healthy lifestyle, which includes, but not limited to access to gyms around the world, health coaching, and more;
- Work Environment: Fully remote work environment as part of experienced and renowned mobile security researchers.
Android Security Researcher


We are looking to fill the position of an Android security researcher. A person in this role will conduct vulnerability research in the default configuration of modern Android devices by different vendors. The main focus of the research will be userland attack surfaces.
Responsibilities:
- Planning and conducting vulnerability research and reverse engineering of Android operating system components;
- Providing unbiased insights and ideas;
- Writing blog posts and white-papers on the topics of cyber security;
- Participating on behalf of Dataflow at conferences and information security competitions.
Requirements:
- Must be able to apply a methodical approach to rigorously analyze and document the attack surface of unfamiliar and possibly large target code bases;
- Must be willing to conduct long term and widely scoped security research projects – a vested interest in reverse engineering and reading code is recommended;
- Experience reversing Java applications (specifically Android APKs);
- Good knowledge of logic vulnerabilities in Java-based applications (such as web applications or Android applications);
- Good knowledge of the Android ecosystem (e.g. should have rooted an Android phone before, dumped APKs, understands intents etc.);
- Good written English;
- Basic familiarity with reverse engineering of compiled native code for ARMv7 or ARM64 architectures.
What we offer:
- Finance: Highly competitive compensation package with an additional monetary bonus system based on vulnerability findings;
- Career Development: Enjoy off-topic time and access to the most attractive international training, conferences, hackathons, and more;
- Wellness: We offer a prime wellness program designed to promote a healthy lifestyle, which includes, but not limited to access to gyms around the world, health coaching, and more;
- Work Environment: Fully remote work environment as part of experienced and renowned Android security researchers.
macOS Security Researcher


We are looking to fill the position of a macOS security researcher. A person in this role will conduct vulnerability research in the default configuration of macOS. The main focus of the research will be userland attack surfaces applicable for sandbox escapes and privilege escalations.
Responsibilities:
- Planning and conducting vulnerability research, reverse engineering and exploit development in the context of the macOS operating system;
- Providing unbiased insights and ideas;
- Writing blog posts and white-papers on the topics of cyber security;
- Participating on behalf of Dataflow at conferences and information security competitions;
Requirements:
- Must be able to apply a methodical approach to rigorously analyze and document the attack surface of unfamiliar and possibly large target code bases;
- Must be willing to conduct long term and widely scoped security research projects – a vested interest in reverse engineering and reading code is recommended;
- Experience reverse engineering compiled native for Intel or ARM64 platforms;
- Experience recognizing security vulnerabilities and their impact;
- Good knowledge of memory corruption vulnerability classes and exploit strategies;
- Good knowledge of macOS userland concepts such as IPC mechanisms, sandboxing, services etc;
- Good written English.
What we offer:
- Finance: Highly competitive compensation package with an additional monetary bonus system based on vulnerability findings;
- Career Development: Enjoy off-topic time and access to the most attractive international training, conferences, hackathons, and more;
- Wellness: We offer a prime wellness program designed to promote a healthy lifestyle, which includes, but not limited to access to gyms around the world, health coaching, and more;
- Work Environment: Fully remote work environment as part of experienced and renowned macOS and iOS security researchers.
Android Engineer


We are looking to fill the position of an Android engineer responsible for maintaining software products (exploits) on the Android platform and aid our research team by performing continuous quality assurance.
Responsibilities:
- Framework development & maintenance (delivery frameworks, tooling, kernel post-exploitation);
- Continuous quality assurance of Dataflow software products - this includes conducting rigorous and methodical testing on a wide range of Android devices and software versions, as well as maintaining documentation of frameworks and components used.
Requirements:
- Must have strong low level engineering skills in C;
- Must have strong native code debugging skills (ideally in the context of exploit development);
- Must have basic knowledge of reverse engineering tools;
- Must have basic knowledge of JavaScript;
- Must be familiar with the Android ecosystem (rooting devices, building custom kernels, etc);
- Must be able and willing to apply a scientific mindset to the problem of exploit reliability testing and optimization.
What we offer:
- Finance: Highly competitive compensation package;
- Career Development: Enjoy off-topic time and access to the most attractive international training, conferences, hackathons, and more;
- Wellness: We offer a prime wellness program designed to promote a healthy lifestyle, which includes, but not limited to access to gyms around the world, health coaching, and more;
- Work Environment: Fully remote work environment as part of experienced and renowned Android security researchers.
HR Specialist


We’re looking for an HR Specialist to join our fast growing team. In this position you’ll be responsible for the full cycle recruitment, social media, welfare, wellness program, and to deliver accurate data and implement standard processes across the entire employee lifecycle.
Responsibilities:
- Supporting end to end recruitment processes;
- Updating recruitment system and database, maintain data validity constantly;
- Scheduling and coordinating remote or onsite interviews;
- Conducting phone interviews & screening;
- Ongoing communication with candidates, provide follow-up and information about the recruitment process;
- Maintaining strong partnerships with external recruiters & HR agencies;
- Posting new positions in a variety of recruiting platforms;
- Onboarding/Offboarding operational processes;
- Planning and executing welfare activities, including, but not limited to company’s events, happy hours, holidays, gifts, etc;
- Responsible for the company’s wellness program.
Requirements:
- Excellent communication interpersonal skills;
- Self-management, well-organized multitasker, and service oriented;
- 3+ years of experience (HR/Recruiting);
- Proficient with Microsoft Office tools;
- Fluent English;
- Bachelor’s degree in Human Resources is an advantage;
- Experience with a multinational/remote company is an advantage.