Security Engineering & Architecture, Senior Software Analysis Engineer
Santa Clara Valley (Cupertino), California, United States
Software and Services
The security engineering team at Apple creates program analysis tools that protect over 1 billion users by sequencing the DNA of millions of iOS & macOS binaries. We're seeking engineers to help improve and expand our custom binary analysis IR, program analyzers, decompilers, emulators, and compiler-based security mitigations.
- Excellent programming skills in C and Python. Swift or C++ experience is a plus.
- Strong experience with Apple’s operating systems (macOS & iOS, Objective-C, frameworks, dyld, etc.) or a demonstrated skill in quickly learning OS internals
- Expert understanding of x86 and ARM assembly & architecture
- Experience with program analysis, including static analysis algorithms and control & data flow analysis. Experience building adjacent tools, like decompilers and emulators, is a plus.
- Basic understanding of software security concepts like memory safety and program correctness
- Effective communication of complex technical concepts
- Passionate about engineering perfection, performance, and quality
- Enthusiasm for new technologies and growth
Our team cares deeply about protecting Apple’s customers from apps that might compromise their security and privacy. We built systems that scan every binary that developers upload to the App Store and notary service and that help other teams at Apple deliver safer software. Here are examples of the kinds of projects you might be working on with us. * Disassemblers: improve binary lifter to translate native to intermediate representation. Create thorough test harness for automatically verifying correctness of translation * Decompilers: recover higher-level control & data flow structure. Implement static analysis passes to optimize, detect loops, rename variables, and simplify expressions to make them easier to for analysts to understand. Type analysis of variables and memory accesses. * Compilers: implement new memory protection techniques * Emulators: design and implement emulator for executing instructions in a safe environment, including memory model and interactions with the environment * Reverse-engineer problematic binaries to diagnose problems with our tools or understand new malware or exploits.
Education & Experience
BS in Computer Science or equivalent experience/skills