Security Engineer

Santa Clara Valley (Cupertino), California, United States
Software and Services

Summary

Posted:
Weekly Hours: 40
Role Number:200125373
Join Maps SRE in the multi-billion dollar a year Services organization of the Internet Services Operations team. We are currently seeking a number of extraordinary Site Reliability Engineers' as we enhance the support model for our Maps business that millions of customers use every day. We are hiring high quality engineers with a diverse set of experiences and skill sets that make you uniquely qualified to work in an environment that is fast paced, complex, and extremely large and will need to be a teammate and work effectively with other members of the Global Team. Our system has to scale globally, stay highly available, and "just work”. That's a tall order, and we're looking to add more talented and passionate engineers who love challenges. If you feel like you'd love to join this amazing team, we would love to hear from you.

Key Qualifications

  • Passionate about Application Security with 3+ years of relevant experience
  • Deep understanding of web application security threats, exploits, prevention
  • Ability to triage, reproduce, and recommend remediations for vulnerabilities
  • Proficiency with Java, Python etc.,
  • Experience in penetration testing, threat modeling
  • Passion for understanding and researching vulnerabilities and exploitation techniques
  • Knowledge of development and integration tools and technologies (e.g. CI/CD)
  • Knowledge of tools including static code analysis and dynamic application scanning (e.g. Checkmarx, Qualys)
  • Knowledge of test automation frameworks and how they can be used for security QE
  • Proficiency in networking concepts (firewalls, load balancers, etc)
  • Have a background in web application development and/or code auditing strongly preferred
  • Practical knowledge of applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
  • Keeps up with industry trends in security technology and threats
  • Experience securing infrastructure in public cloud (e.g. AWS, Azure, Google Cloud)
  • Excellent communication and social skills

Description

- Conducting security architecture reviews of the application stack, including applications built on cloud and emerging technologies - Reviewing source code for potential security issues - Writing security test cases to check for vulnerabilities or broken/missing security controls - Providing specific risk assessment and remediation guidelines for developers and business owners - Helping handle and triage findings from security tools including static and dynamic scanners - Conducting penetration testing against our applications, services, and environments; reporting underlying security issues and proposing appropriate security controls - Researching the latest security standard methodologies, trends, threats and vulnerabilities, and technology frameworks - Documenting and disseminating security guidelines for common security issues, remediation guidance, and security baselines - Working with developers to provide security guidance and mentor them as necessary - Developing tools and exploits to support application security automation and penetration testing - Help identify areas that are ripe for improvement and establish appropriate security goals - Influence and collaborate with the organization to develop secure solutions and to accomplish stated security goals

Education & Experience

Bachelor’s degree in Computer Science or equivalent industry experience

Additional Requirements

  • Apple is an Equal Opportunity Employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other legally protected characteristics. If you'd like more information about your EEO rights as an applicant. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.
  • Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you are applying for a position in San Francisco, please click here...
  • Apple participates in the E-Verify program in certain locations as required by law. Learn more.
  • Apple's committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Learn more.