Senior Security Engineer

Santa Clara Valley (Cupertino), California, United States
Software and Services

Summary

Posted:
Weekly Hours: 40
Role Number:200119739
Apple is seeking an extraordinary Senior Security Engineer with a focus on infrastructure security to lead the innovative Internet Services Organization. This is a technical, hands-on role in a dynamic environment. You will need to have a good mixture of technical know-how as well as a background in higher level information security concepts, risk assessment methodologies, and integration of security practices into the development and systems architecture.

Key Qualifications

  • Excited to work with engineers on security features and risk mitigations
  • Passionate about keeping Apple’s customers safe
  • Curious enough to hunt for vulns through large, complex code bases
  • Obsessed with breaking software
  • Able to articulate technical details and risks to lay people
  • 5 years of relevant security experience
  • Deep linux expertise
  • Experience testing low level C components
  • Programming experience in compiled and scripting languages
  • Expertise in common application security tools (fuzzers, proxies, code analysis tools, etc.)
  • Experience attacking cryptographic implementation issues (TLS misconfigurations, etc.)
  • Networking experience

Description

You’ll be breaking (white and black box): Web applications Mobile applications Low level networking components Crypto services Container environments Linux kernel modules Lots of other interesting technologies we can’t include here You’ll be designing: Creative solutions to complex security issues Security tools and services Security automation solutions Threat models for products and environments

Education & Experience

Bachelors degree in Computer Science / Engineering with emphasis in security related fields (or equivalent experience) Certs like OSCP, OSCE, OSEE, etc. beneficial but not necessary Bonus points for community contributions like public CVEs, bug bounty recognition, open source tools, blogs, etc.

Additional Requirements