Browser Security Researcher (Remote Considered)

Cheltenham, England, United Kingdom
Software and Services

Summary

Posted:
Role Number:200555203
Help Apple secure the world’s most advanced consumer devices, which people trust to store their personal and professional data. Remote working considered. Security Engineering & Architecture (SEAR) is at the core of Apple’s product security strategy and we’re fanatical about protecting our users. We're looking for an outstanding security engineer to join our exceptional team whose focus is on securing browser technologies; from the depths of the core browser engine itself to ensuring we create a fundamentally safe native environment which allow our developers to build critical applications on the web platform. As a security engineer in SEAR, you will lead research and analysis in identifying vulnerabilities and trends across our platforms, invent new defensive technologies to eliminate entire classes of issues, and drive the delivery of security mitigations alongside our partner engineering teams. We design and secure platforms for billions of users and are committed to user privacy and security. We have some of the most creative, passionate, hardworking engineers in the industry. Our team challenge each other to go beyond the norm to find new, innovative ways of solving problems and to make software safer, easier, and more fun to use. Not many jobs can offer all of these things. Security engineering jobs at Apple do, and much more.

Description

You are joining an exceptional team focusing on securing browser technologies across Apple platforms. You will be working alongside a wide variety of teams and vendors and your influence will be felt throughout Apple's extraordinary products, including: the iPhone, Apple Vision Pro, Mac and Apple TV. In addition, you will be responsible for identifying threats in advance and directly involved in Apple's response to critical issues as they arise. The job is as diverse as it is essential, from reverse engineering an exploit, providing insightful analysis and creating innovative tools, consulting with other teams on both hardware and software, to reviewing code and proposing designs for new security mitigations which will ship on billions of devices. This position requires someone with strong technical strengths and a passionate desire to secure systems. Your responsibilities will include helping to make Apple's products the industry's most secure, evaluating security-critical code, developing intelligent automated tools for vulnerability finding, building exploits for discovered vulnerabilities to challenge existing mitigation techniques, providing security focused consultations on key technology areas to partner teams and driving the design and development of new mitigations. This position may require some travel to other Apple sites, vendors, and security conferences.

Minimum Qualifications

  • Background in browser technologies OR the native technologies on which browsers are built.
  • Background in secure coding and code auditing.
  • Knowledge of modern anti-exploitation mitigations and their effectiveness.
  • Programming background in C, C++, and Python

Key Qualifications

Preferred Qualifications

  • Experience of software exploitation
  • Knowledge of macOS and iOS security architectures.
  • Knowledge of memory safe languages.
  • Proficiency with assembly languages, particularly ARM64, is a big plus.
  • Knowledge of high performance graphics stacks.
  • Knowledge of modern media stacks.

Education & Experience

Additional Requirements