SEAR - Security Researcher
Santa Clara Valley (Cupertino), California, United States
Software and Services
Imagine what you could do here. At Apple, new ideas have a way of becoming extraordinary products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. Platform Security believes the best defense is a good offense. When it comes to securing the world's most advanced operating systems, that means finding vulnerabilities first. We're looking for a talented and inspired individual to join our crack group of security engineers to attack Apple's products before they ship, with the goal of better safeguarding our users. You’ll become part of an exceptional team focusing on securing low level technologies such as the iOS and OS X kernel, boot ROMs, firmware, hardware, and basebands. Rooted in the Security Engineering and Architectureorganization, you’ll be working with a wide variety of teams and vendors. Your influence impacted throughout Apple's extraordinary products, such as the iPhone, iPad, Mac and Apple TV. Not only will you be tasked with identifying threats in advance, you'll also be directly involved in Apple's response to critical issues as they arise. From reverse engineering an exploit, providing insightful analysis and creatinginnovative tools, consulting with other teams on both hardware and software, auditing code and reviewing designs, the job is as diverse as it is critical. This position requires someone with strong technical strengths and a passionate desire to secure systems by showing how they can be broken. Is there any gadget in your home you have not disassembled? Do new security techniques lead not to despair, but insomnia in the pursuit of an exploit? Do you take delight in the reaction of a previously security unconscious engineer when showing how their code leads to a buffer overflow? If so, this may be the job for you.
- Help make Apple’s products the industry’s most secure.
- Develop fuzzers and other automated tools for vulnerability finding.
- Provide security design consulting to other teams.
- Assist with audit of security critical code and hardware.
- Reverse engineer malware.
- Required Experience:
- A proven track record in finding security vulnerabilities in shipping products.
- Programming background, in C, C++, and/or Objective-C.
- Proficiency with assembly languages, ARM a big plus.
- Familiarity with modern processor architecture.
- Background in secure coding best practices and code auditing.
- Have an understanding of past, current, and emerging security exploit types.
- Proficiency in scripting language(s).
- Proficiency in either Mac OS X or other flavors of UNIX.
- Have the ability to track and manage numerous parallel activities.
- A bachelor’s degree in computer science or a related field, or equivalent experience.
- Experience creating working proof of concepts from found vulnerabilities on systems with advanced anti exploitation measures (NX/XN, ASLR etc).
- Experience designing and architecting systems with security in mind.
- Exposure to kernel programming.
- Reverse engineering using tools such as IDAPro.
- Familiarity with the principles and use of cryptographic primitives and protocols.
Platform Security believes the best defense is a good offense. When it comes to securing the world's most advanced operating systems, that means finding vulnerabilities first. We're looking for a talented and inspired individual to join our crack group of security engineers to attack Apple's products before they ship, with the goal of better safeguarding our users.
Education & Experience
BS in Computer Science or equivalent experience/skills
- This position may require some travel to other Apple sites, vendors and security conferences.