Security Architect, Ad Platforms Engineering

Santa Clara Valley (Cupertino), California, United States
Software and Services

Summary

Posted: Oct 9, 2018
Role Number: 113638391
At Apple, we work every day to create products that enrich people’s lives. Our Advertising Platforms group makes it possible for people around the world to easily access informative and imaginative content on their devices while helping publishers and developers promote and monetize their work. Our technology and services power advertising in Search Ads in App Store and Apple News. Our platforms are highly-performant, deployed at scale, and setting new standards for enabling effective advertising while protecting user privacy. We are seeking an expert software architect/senior engineer who is passionate about creating and executing on a security strategy for high-performing, scalable, well-designed systems that are the foundation for critical internal and customer-facing platforms at Apple. As a security lead, you will take ownership of a solution from beginning to end and deliver phenomenal software to help drive usage and monetization for Search Ads in the App store, within Apple News and other platforms. You will collaborate with engineering leaders, developers, deployment engineers, and security teams to secure Ad Platforms’ applications and services, present and future. Your activities will include collaborating with architects across the organization, threat modeling, creating and executing risk mitigation strategies. You will be working with teams on security tools and security testing methodologies to keep our services tight. You will experience a rapidly evolving technology and threat landscape and give to the education of teams on secure application design, development, and testing. Expect to be exposed to a broad range of systems, including web applications, distributed processing, and virtualized environments.

Key Qualifications

  • We are looking for someone who is:
  • Passionate about keeping Apple’s customers safe online.
  • Motivated by tackling difficult and novel problems in a highly complex environment.
  • Able to influence decision makers. Excellent at multitasking, organizing, and prioritizing complex projects to meet deadlines.
  • Highly collaborative and an excellent communicator.
  • You will be successful here if you are someone who:
  • Acts with high ethical standards and integrity.
  • Listens for nuances and digs into details to understand systems deeply.
  • Detects areas that are ripe for improvement and establishes appropriate security goals.
  • Influences and collaborates with colleagues to develop secure solutions and to accomplish stated security goals.
  • Desires to share your breadth of technical knowledge.
  • Keeps up to date with new security technologies and methodologies and their applicability to large scale distributed systems
  • Technical Requirements:
  • Minimum 10 years of relevant experience
  • Strong understanding of security assurance methodologies and technologies, such as secure coding standards, static and dynamic security testing, and secure software development lifecycles
  • Strong understanding of distributed systems, data centers, CDN infrastructure, and web services architectures
  • Deep expertise in security architecture in hybrid environments spanning on premise and cloud infrastructure
  • Experience building capabilities that monitor and enable a security first approach to software development
  • Experience with key management, rotation and other aspects of data encryption on the cloud
  • Good understanding/working knowledge on the PCI and SOX controls
  • Analysis and communication skills to help others comprehend complex data
  • Expertise in programming and scripting languages, such as C, C++, Java, Swift, Python, Perl, PHP, Ruby, shell, etc.
  • Deep UNIX systems administration skills

Description

You will: Be the technical leader responsible for security for Ad Platforms Work cross-functionally with teams throughout Apple on technology initiatives to enhance security and best practices of product and service teams Design, develop, and implement security controls and tools that improve the defense of Ad Platforms infrastructure and applications Work with engineers to analyze systems, threat model new features, and create responsive controls to ensure end-to-end customer protection Develop production infrastructure fixes to complex vulnerabilities Lead cutting-edge security efforts at a scale you will only find at Apple Lead cutting-edge security efforts at a scale you will only find at Apple

Education & Experience

Bachelors or Masters/Ph.D. (preferred) in Computer Science or Engineering with an emphasis in Computer Security or a related field, or equivalent experience. Security community contributions such as scientific publications, public CVEs, bug-bounty recognition, open source tools, or blogs are useful. Apple is an equal opportunity employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.

Additional Requirements

  • Minimum 10 years of meaningful experience Strong understanding of security assurance methodologies and technologies, such as secure coding standards, static and dynamic security testing, and secure software development lifecycles Strong understanding of distributed systems, data centers, CDN infrastructure, and web services architectures Deep expertise in security architecture in hybrid environments spanning on premise and cloud infrastructure Experience building capabilities that monitor and enable a security first approach to software development Experience with key management, rotation and other aspects of data encryption on the cloud Good understanding/working knowledge on the PCI and SOX controls Analysis and interpersonal skills to help others comprehend complex data Expertise in programming and scripting languages, such as C, C++, Java, Swift, Python, Perl, PHP, Ruby, shell, etc. Deep UNIX systems administration skills