Security Applications Engineer - Apple Retail
Santa Clara Valley (Cupertino), California, United States
Software and Services
Imagine what you could do here. At Apple, great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. Apple Online Store team has an immediate opening for a Security Engineer. Our group's focus is on design and security of the core services and fabric of the Apple Online Store. Our scope includes everything from customer applications like iCloud and iTunes, to enterprise services like retail payment systems that support our physical and online storefronts. Conduct architecture security review, application testing, and penetration testing modeled after real world attackers (i.e., exploit and pivot).
- Experience manually testing web applications or enterprise penetration testing
- Experience with a scripting language (e.g. Perl, Python, PHP, Ruby)
- Experience reviewing Java based applications (e.g. J2SE, J2EE)
- Solid understanding of Cryptography
- Proficiency in either Mac OS X and/or other flavors of UNIX
- Ability to explain basic networking concepts (routing, ACL, load balancers, SSL/TLS, TCP) in order to provide application architecture feedback
- Background in web application development and/or code auditing strongly preferred
- Strong verbal & written communication skills
- Passion for discovering and researching new vulnerabilities and exploitation techniques
- We seek a self starter, forward-thinking person with strong leadership capabilities.
- Extraordinary interpersonal skills, for collaborating across many participating teams.
- You will interact with many other group’s internal team to lead and deliver premier products in an exciting fast-paced environment.
- Dynamic, intelligent people and inspiring, innovative technologies are the norm here. Will you join us in crafting solutions that do not yet exist?
Conduct security architecture review of the full stack including applications built on cloud and emerging technologies. Conduct manual application security testing and source code auditing for a variety of technologies. Provide clear and detailed risk assessment and remediation guidelines for developers and business owners. Conduct privacy reviews in partnership with compliance, legal, and business teams. Conduct penetration testing targeting critical Apple data, services, and environments. Report underlying security issues and propose enhanced security protections. OTHER RESPONSIBILITIES INCLUDE: You will conduct security research on the latest standard methodologies, trends, threats and vulnerabilities, and technology frameworks You will be documenting and disseminating security guidelines for common security issues, remediation guidance, and security technology baselines We work multi-functionally with teams Apple wide providing security consulting services and driving new security initiatives. Our hardworking team of security professionals is a key to our success.
Education & Experience
Bachelor in Computer Science with specialization in Information Security or equivalent work experience.