Help Apple secure the world’s most advanced consumer devices which people trust to store their personal and professional data. We believe that the best defense is a good offense, and that that means finding vulnerabilities before the community does. We're looking for talented and inspired individuals to form part of a crack group of security engineers to attack Apple's products, with the goal of better safeguarding our users. This team will focus on breaking security mechanisms whose foundations are anchored in hardware and are used by low level software to thwart advanced techniques used to compromise embedded systems.
- Working experience with modern SoC security related features (debug features, power and clock management, fabric, memory management)
- Ability to review HW designs down to the RTL level (familiarity with Verilog is a plus)
- Programming background in C, C++, Python
- Reverse engineering skills + working knowledge in IDA
- Familiarity with ARM CPUs (architecture and instruction set)
- Proficiency in a real time operating system internals
- Good understanding of the principles and use of cryptographic primitives and protocols
- An understanding of past, current, and emerging security exploit types
- A proven track record in finding security vulnerabilities in shipping products
Customers’ security, privacy, and safety are very important to Apple. Your job will be to analyze our products and attempt to break them in ways that could undermine these goals, especially when the attacker is in possession of the Apple device or in close proximity to it (connecting over WiFi, BT, RFID). In order to do that, you will be required to: Take a system or sub-system and find ways to overcome the defence mechanisms that have been implemented in hardware and low-level software. Examine new Apple silicon security features and prove if/how they can be defeated. Examine embedded systems and find security vulnerabilities in Apple or 3rd party silicon and firmware, including in the interfaces between components. Analyze a system to understand the potential threats and attack vectors Stay abreast of modern hacking techniques against Apple products, particularly those where the attacker is in close proximity or possession of the device.
Education & Experience
Bachelor/Masters in Engineering/Computer Science, and/or proven track record as a security researcher/analyst