Senior Android Security Engineer

Important note: we DO NOT process applications through LinkedIn.

In order to apply: send an email to techjobs@murena.io with subject Applying for Senior Android Security Engineer

Senior Android Security Engineer at Murena – Remote | /e/OS Development

Murena develops /e/OS, a privacy-by-design, de-Googled mobile operating system based on Android, as well as Murena Cloud / Murena Workspace.

Our mission is to offer a credible, privacy-respecting alternative to mainstream mobile ecosystems, without tracking or profiling.

We are a small, international, fully distributed team with a strong open-source culture and an active community around /e/OS.

Overview of the role

To accelerate our roadmap on Android app compatibility, we are hiring a Senior Android Security Engineer – Play Integrity / microG

You will work on the design and implementation of Play Integrity / SafetyNet-like compatibility in the microG + /e/OS ecosystem, in a way that:

• respects user privacy,
• complies with legal and contractual constraints,
• avoids direct dependency on proprietary Google Play services.

Your work will have a direct impact on:

• App compatibility on /e/OS, especially for sensitive apps (banking, payments, etc.),
• User experience and trust,
• The overall credibility of /e/OS as a viable alternative for the general public.

Responsibilities:

• Perform in-depth technical analysis of Android attestation mechanisms:
• Play Integrity, legacy SafetyNet, device and app attestation, anti-tamper / anti-root logic, etc.
• Design and implement compatibility solutions within the microG + /e/OS stack, considering:
• privacy and data minimization,
• legal and regulatory constraints,
• technical constraints of AOSP-based custom ROMs.
• Work at the framework / system level of Android:
• system services, hooks, APIs, integration with microG and /e/OS components.
• Contribute to microG and related open-source projects, in collaboration with maintainers and the wider community.
• Build and maintain testing and validation for real-world scenarios:
• banking apps, payment apps, streaming, and other “high-sensitivity” apps,
• automated compatibility tests where possible.
• Monitor evolution of Play Integrity and related APIs, and propose technical strategies accordingly.
• Provide clear technical documentation of designs, trade-offs, and limitations for internal teams and, where relevant, public developer documentation.

Requirements:

• 5+ years of experience in low-level Android development, such as:
• AOSP / Android framework, system services, OEM / BSP work, or custom ROMs.
• Strong knowledge of Java/Kotlin for Android and good working knowledge of C/C++ (NDK / low-level components).
• Hands-on experience with at least one of the following:
• Play Integrity, SafetyNet, attestation mechanisms, DRM, anti-tamper, or advanced mobile security,
• Android reverse engineering (smali, bytecode, hooking, instrumentation frameworks).
• Solid understanding of:
• Mobile application security and typical Android threat models (root, bootloader unlock, Magisk, etc.),
• server-side attestation flows (APIs, backends, signatures).
• Comfortable working in an open-source environment:
• public issues, merge requests, code review, and technical discussions.
• Fluent English, written and spoken (international remote team and community).

Preferred Qualifications:

• Previous contributions to microG, a custom ROM, or related open-source Android projects (privacy, security, de-Googling, etc.).
• Experience with applied cryptographyb (signatures, certificates, tokens, attestations).
• Backend experience (Go / Java / Kotlin / Node, etc.) for handling attestation responses on the server side.
• Strong interest in:
• Privacy and digital rights,
• European or international regulatory topics (GDPR, data protection, digital sovereignty).

What we offer

• A high-impact mission: helping to build a real alternative to the dominant mobile ecosystems.
• A Remote-first, flexible work environment within an international team.
• Competitive compensation depending on profile and location.
• High level of technical autonomy and ownership, working closely with the /e/OS core team and leadership.

Location & contract

• Remote, ideally within Europe or time zones close to CET.
• Contract type: full-time employee or long-term freelance, depending on your situation and local regulations.

How to apply

Please send us:

• Your CV or links to GitHub/GitLab or similar,
•  A few concrete examples of work related to Android low-level development, security, or reverse engineering (repositories, talks, blog posts, etc.),
• A brief note explaining why this topic interests you and your view on Play Integrity compatibility in a privacy-first context.

Important note: we DO NOT process applications through LinkedIn.

In order to apply: send an email to techjobs@murena.io with subject Applying for Senior Android Security Engineer