Senior Security Engineer

San Francisco, California, United States
Software and Services

Summary

Posted:
Weekly Hours: 40
Role Number:200178189
People at Apple don’t just build products they craft the kind of experience that have revolutionized entire industries. The diverse collection of our people and their ideas inspire innovation in everything we do. Imagine what you could do here! Join Apple, and help us leave the world better than we found it. The Apple Cloud Security team builds and provides secure systems and infrastructure that fuel Apple’s services (such as iCloud, iTunes, Siri, and Maps). As part of the Apple Cloud Security team, you will help manage the security needs of Apple’s services around the world. Your effort will help build solutions to a variety of outstanding security challenges. Join us, and you’ll play a meaningful role in ensuring the highest standard of security for one of the most-watched companies in the world

Key Qualifications

  • 5+ years of work experience in infrastructure or security engineering
  • Breadth of technical experience across various infrastructure and security areas and running in large production environments
  • Experience distilling complex technical information and conveying to different types of audiences that enables decisioning
  • Deep understanding of web application security threats, exploits, prevention
  • Ability to prioritize, reproduce, recommend remediations and implement fixes for vulnerabilities
  • Experience in penetration testing, vulnerability scanning, SAST and DAST. Familiar with tools and technologies used
  • Passion for understanding and researching vulnerabilities and exploitation techniques
  • Knowledge of development and integration (e.g. CI/CD)
  • Proficiency in networking concepts (firewalls, load balancers, etc)
  • Practical knowledge of applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
  • Keeps up with industry trends in security technology and threats
  • Experience securing infrastructure in public cloud (e.g. AWS, Azure, Google Cloud)
  • Having experience in web application development, infrastructure and/or code auditing strongly preferred

Description

You will… Conduct security assessments, architecture reviews and threat modeling of the application stack, including applications built on cloud and emerging technologies. Design and develop platform level solutions to promote security related initiatives and improvements. Be experienced in solving complex, systemic issues that require creative thinking and solutions. Conduct penetration testing against our applications, services, and environments; reporting underlying security issues and proposing appropriate security controls. Research the latest security standard methodologies, trends, threats and vulnerabilities, and technology frameworks. Document and disseminate security guidelines for common security issues, provide remediation guidance, and security baselines. Assist Infrastructure engineers in developing secure systems by advising on secure patterns and practice. Proactively introduce new controls into the infrastructure platform that improves our defense in depth. Incorporate new secure design patterns into platforms that expand what our engineers can do in a secure way.

Education & Experience

Bachelors degree in Computer Science / Engineering with emphasis in security related fields (or equivalent experience) Certs like OSCP, OSCE, OSEE, etc. helpful but not vital. Bonus points for community contributions like public CVEs, bug bounty recognition, open source tools, blogs, etc.

Additional Requirements

  • Apple is an Equal Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.
  • Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law.
  • Apple's committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities.