Vulnerability Detection Engineer
Sydney, New South Wales, Australia
Apple is seeking an exceptional Vulnerability Detection Engineer to support the Vulnerability Management program across all Apple properties. This is a technical, hands-on role in a dynamic and fast-paced environment. You will be working with various teams within Apple, to build large scale vulnerability scanning, and reporting solutions. The ideal candidate is someone with a proven track record, sound technical knowledge and skills in engineering vulnerability detections and development in a hyper scaled environment.
- Expertise in vulnerability analysis and discovery as well as exploitation process and techniques
- Expertise in mitigation and defense against identified vulnerabilities
- Experience in developing vulnerability signatures or detectors for open source or commercial scanning solutions (nmap’s nse, tenable’s nasl and etc)
- Strong security skills, building large scale vulnerability scanning solutions
- Strong programming skills (ability to create efficient algorithms and data structures)
- Expertise in one or more of the following programming languages: Go, Java, C, Rust, Scala
- Expertise in the following scripting languages: Python, Shell script
- Expertise in one or more of the following query languages: SQL, NoSQL, SparkSQL
- Expertise in socket programming (TCP/IP, HTTP/S, etc.)
- Good working knowledge of Unix/Linux systems (filesystems, system calls, etc.)
- Good working knowledge of version control and repositories such as Git, and CI/CD process
- Good working knowledge of cloud and container based deployments, using AWS, Kubernetes etc.
- Experience with security orchestration, automation, and deployment tools, using Ansible, Terraform, and queueing systems (Kafka, RabbitMQ, etc.)
- Familiarity with common security vulnerabilities in code and the ability to judge their severity and impact
- Driven to automate and continuously improve
- Passionate about keeping our customers data safe
- Ability to track and manage numerous parallel activities
- Track record of practical problem solving, excellent communication and documentation skills.
- Comfortable in a fast-paced dynamic agile environment
- High standard of ethics
- Good knowledge of integrating, analyzing, and presenting relevant metrics for very large data sets
You will join a team who is passionate about staying up to date on emerging security vulnerabilities and threats, keeps a cool head in crisis, and advocates every single day for improving the security of Apple products and services. Successful candidates will need to have a good technical background, superb communication skills, and a strong interest in network, system, and web security. Specific responsibilities include: - Designing, development, and deployment of large scale vulnerability management solutions for discovery, detection, reporting, and remediation of vulnerabilities - Development of vulnerability signatures by researching on existing and new vulnerabilities - Work with other researchers to understand and incorporate their detections into existing scanner/s - Design effective processes for CI/CD of the vulnerability management solutions
Education & Experience
BS in Computer Science, Information Technology or related field and 5+ years experience in software development (preferably in Information Security domain)
- Apple is an equal opportunity employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.
- We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.