Site Reliability Engineer, Network Security
Seattle, Washington, United States
This position is available in Seattle (WA) or Santa Clara Valley (CA) Imagine what you could do here. At Apple, new ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. The Information Security team is responsible for developing services to lead and mitigate security risks faced by Apple. Apple is seeking an extraordinary Site Reliability Engineer to focus on building a secure, continuous delivery platform. This role will be responsible for designing, building, running, and monitoring network security infrastructure to support a variety of critical systems. This is a highly technical, hands-on role that requires expertise supporting systems at enterprise scale. The candidate will deliver innovative solutions.The successful candidate will design and implement new approaches and tools for continuous delivery within Apple Information Security.
- Engineering - continuously optimize secure, scalable and performant security tools and services
- Reliability - drive fault detection and correction, performance and uptime at global scale
- Monitoring - instrument systems to gain visibility and understanding of how they are performing at any time
- Automation and orchestration to enable
- Accelerated infrastructure, application and software configuration deployment
- Automated response to alerts or indicators of performance issues
- Infrastructure as code
- 5+ years of managing services in a distributed, mission critical *nix environment
- Experience supporting infrastructure and services in public cloud environments (AWS, GCP, etc.)
- Expertise with in both building and using log aggregation and distributed monitoring tools (Splunk, Elastic Stack, etc.)
- Experience building and supporting containerized application technologies including Docker, kubernetes
- Familiarity with CI/CD tools and deployment processes
- Working knowledge of network protocols and network based services, including routing, network load balancing and web proxy appliances / applications.
- Deep understanding Linux/Unix system internals, including kernel tuning
- Proficient with various programming languages such as Python/Java/Ruby/Perl/Go for building automation or integration with APIs
- Proven understanding and experience with centralized configuration management, coordination and provisioning technologies, such as Ansible, Chef, Puppet, etc.
- Excellent interpersonal skills, should be capable of working with cross functional technical and business teams and varying levels of management
- Experience implementing and working with open source projects
- Strong project management skills, including excellent presentation development
- Passion for writing detailed solution specifications, diagrams, best practices/standards documentation, operating procedures, test plans/test reports, etc.
- We build automation and tooling required to orchestrate security policy enforcement (Firewalls, VPN and proxy infrastructure) - Partner with security teams to provision scalable workloads authoritatively across distributed compute resources - Provide engineering and operational support for distributed systems and network based information security tools, including for configuration management and provisioning - Implement and maintain security controls within cloud computing environments - Work closely with development teams to understand application performance and behavior patterns to actively monitor, tune and correct issues before they occur - Find opportunities to improve security tooling reliability, performance and security - Develop tools and automation to eliminate manual and repetitive efforts
Education & Experience
Bachelor of Science in Computer Science or equivalent experience