Vulnerability Engineer

Santa Clara Valley (Cupertino), California, United States
Corporate Functions

Summary

Posted:
Weekly Hours: 40
Role Number:200172534
Apple’s red team conducts goal-based offensive security engagements to simulate realistic attacker behaviors and compromise patterns e.g. leveraging social engineering, stealth, persistent malware (e.g. simulating advanced persistent threats), new and "unreleased" exploits. By collaborating with management and application teams we define testing goals based on real-world threat scenarios. This challenges organizations to improve security effectiveness by helping them to respond to realistic attack stories for threat scenarios.

Key Qualifications

  • Strong proficiency in at least 2 of the following:
  • Application Security
  • Network Security
  • Systems Security
  • Previous experience executing on Red/Purple team engagements targeting Unix/Linux/Cloud environments
  • Previous experience working with or on a detection or CSIRT team
  • Experience in applied red team techniques for:
  • Stealth
  • Exfiltration
  • Reconnaissance
  • Client exploitation on MacOS and iOS
  • Strong verbal & written interpersonal skills
  • Experience with a scripting language (e.g. perl, python, PHP, ruby) and a programming language (e.g. JAVA, Objective C)
  • Proficient in either Mac OS X and/or other flavors of UNIX
  • Keen ability to spot organizational gaps and build kill chains that extend beyond the initial foothold
  • Desire to build tooling to support offensive operations

Description

Apple's red team is looking for a Senior Offensive Security Engineer. In this role, you will lead and execute offense security exercises emulating a real world adversary, targeting critical services and data within Apple. An ideal candidate will not only have a mastery of penetration testing skill sets but know how to apply that mastery to an adversary simulation and feed these results into: - The Blue Team for building detection and response mechanisms. - Vulnerability Management teams to identify and remediate similar issues at scale - Vulnerability Research to identify additional vulnerabilities in common stacks targeted in our engagements

Education & Experience

BS Degree or equivalent work experience

Additional Requirements