Threat Analyst (Mobile Malware)

About the Job

The Position: Threat Analyst - (Mobile Malware)

Position: Full-time | 40 hours per week

Location: Amsterdam, Netherlands | Work From Home (2–3 days per week in the office)

Salary Range: 70k - 90k annualy

As a Threat Analyst diving into the world of Mobile Malware at ThreatFabric, you will analyze malicious code targeting mobile platforms, uncover threat actor techniques, and transform complex technical findings into clear, actionable intelligence for customers and internal stakeholders. You will play a critical role in uncovering the latest mobile threats, predicting shifts in the threat landscape, and enhancing our detection capabilities. You will work closely with internal security, engineering, and intelligence teams to ensure stakeholders stay informed and protected against emerging mobile threats.

Responsibilities

• Performing in-depth reverse engineering of Android and iOS malware using tools such as JEB, Ghidra, JADX, Frida, and dynamic analysis frameworks.
• Conducting static and dynamic malware analysis to uncover functionality, behavior, and indicators of compromise (IOCs).
• Collecting, correlating, and analyzing threat intelligence from open-source, proprietary, and internal data sources.
• Identifying and tracking mobile threat actors, campaigns, and emerging malware families.
• Performing proactive threat hunting to uncover new, unknown, and evolving mobile threats.
• Conducting investigations based on customer requests and delivering clear, actionable results to support their anti-fraud strategies.
• Producing high-quality reports, including detailed technical analyses, threat summaries, and customer-facing deliverables.
• Communicating findings clearly to technical and non-technical audiences, including customers, leadership, and cross-functional teams.
• Collaborating with internal teams to improve visibility on the threat landscape and enhance detection capabilities.
• Staying up to date with developments in mobile malware, cybercrime trends, and attacker Modus Operandi.

What We Offer

• A 12-month employment contract with the intention to extend. Subject to mutual satisfaction, this may lead to a permanent position.
• A competitive salary 70k - 90k annualy
• 25 holidays per year.
• 8% holiday allowance (included in annual salary).
• A Pension Scheme
• A stimulating and supportive work environment that encourages growth and development.
• The opportunity to make a meaningful impact in a rapidly growing tech company.
• Flexible Remote / Hybrid work-from-home options to promote work-life balance.
• Flexible working hours.
• Active ThreatFabric events and FitFabric bootcamps.
• Active knowledge-sharing huddles.

Skills & Competencies

Technical Skills

• Proven experience in reverse engineering mobile applications, especially mobile malware.
• Experience with industry-standard reverse engineering tools such as JEB, Ghidra, JADX, Frida, and dynamic analysis frameworks.
• Basic proficiency in scripting languages such as Python and Bash for automation, data parsing, and analysis tooling.

Would be a bonus:

• Strong knowledge of Android and/or iOS internals, mobile security models, and common mobile attack vectors.
• Strong knowledge of the current mobile threat landscape, including malware families, threat actors, and emerging Modus Operandi.

Analytical Skills

• Ability to identify patterns in complex datasets and threat intelligence.
• Experience working with tools such as Kibana and Elasticsearch.
• Ability to correlate code, attack techniques, campaigns, and Modus Operandi into a coherent intelligence picture.

Communication and Reporting

• Strong writing and verbal communication skills.
• Ability to clearly communicate complex technical findings to both technical and non-technical stakeholders.

Continuous Learning

• Strong eagerness to stay up to date with the latest developments in the mobile threat landscape.
• Continuous drive to improve technical and analytical skills.

Information Security, Business Continuity & Privacy

• Adheres to company security, continuity, and privacy standards.
• Acts as a role model in secure research practices and data compliance.
• Proactively reports and supports resolution of security incidents.

About ThreatFabric

At ThreatFabric, we're not just shaping the future of cybersecurity — we're defining it. With our headquarters in the vibrant city of Amsterdam, ThreatFabric stands at the forefront of combating online fraud, mobile malware, and threat intelligence.

Costly online scams, fraud and malware attacks are rampant. Victims’ life savings are stolen, but so are their confidence and trust. On top of this, financials' brand and reputation are damaged. Many lack online visibility to trigger prompt reaction, and the industry faces regulatory reimbursement pressure.

This is why ThreatFabric provides web and mobile security: scam, fraud and malware detection and prevention, and threat intelligence to be proactive. We help the biggest financial brands protect their customers and their reputation in a world where attacks accelerate, and trust erodes.

Join Our Dynamic Team

Ready to dive into the heart of innovation? Our team is a melting pot of talent, passion, and expertise from all corners of the globe. Behind ThreatFabric's success lies a diverse ensemble of technical experts, data scientists, and thought leaders united by a passion for innovation. With a global perspective and a collaborative spirit, our team leverages innovative technology and thousands of data points to deliver security solutions.

As a scale-up, we embrace a scale-up mentality where flexibility, adaptability, and a dynamic approach are essential.

Our Core Values

At ThreatFabric, our culture is defined by three guiding principles:

One Team: Collaboration fuels our success as we work together to tackle complex challenges.

Continuous Excellence: We're committed to pushing boundaries and exceeding expectations in everything we do.

Customers at the Heart: Our customers are not just clients - they're partners. Their success is our priority.

Interested? Are you as excited about this opportunity as we are? We can't wait to hear from you! Apply through the Personio link, and let's make innovation happen together! We aim to fill this vacancy in Q2 2026

What's next? So, you've hit send — what happens now? First, we'll do a screening to ensure we're a good match. If all goes well, you'll be invited for an initial chat with us. Then, there's a second interview, and we may include an assessment to better understand your skills. Ready to take the plunge?

Please note: Pre-employment screening is part of our selection process. We do not accept unsolicited resumes from recruiters or employment agencies.