Security Operations Engineer - Privacy
Santa Clara Valley (Cupertino), California, United States
Software and Services
You'll be at the forefront of Apple's privacy, security and threat intelligence capabilities, impacting the breadth of Apple's ecosystem by working on immediate risks to Apple's customers. Working with some of the best engineers in the world, you’ll have a direct positive impact on the privacy of Apple’s products. We're looking for a talented and highly motivated engineers responsible to help investigate security issues across Apple products with the goal of better safeguarding our users.
- A proven track record in finding security/privacy vulnerabilities in shipping products.
- Background in secure coding best practices and code auditing.
- Have an understanding of past, current, and emerging security and privacy exploit types.
- Have the ability to track and manage numerous parallel activities
- Experience building tools and automation
- Ability to explain complex security and privacy problems
- Programming background in C, C++, and/or Objective-C
- Proficiency in scripting language(s) such as Python
- Proficiency in macOS or other flavors of UNIX
You’ll become part of an outstanding team focusing on securing iOS, tvOS, watchOS and macOS. Rooted in the Security Engineering and Architecture organization and partnering with User Privacy, you’ll be working with a wide variety of teams and vendors. Your influence will be felt throughout Apple's extraordinary products and services, such as the iPhone, Mac, Watch, Siri, iCloud, and Apple Music. You will be directly involved in Apple's response to critical issues as they arise. From reverse engineering an exploit, providing insightful analysis on vulnerabilities, creating innovative tools to help find user privacy impacting bugs and consulting with engineering teams on software issues, the job is as diverse as it is critical. This position requires someone with strong technical strengths and a passionate desire to secure systems by showing how they can be broken. A FEW RESPONSIBILITIES: - Being passionate for customer privacy - Triage, analyze and investigate privacy issues reported to Apple - Analyze issues and pivot off available data to discover new and closely related privacy vulnerabilities - Focus on current privacy issues and trends and an eye towards future research - Participate in information sharing groups, communicate securely and responsibly - Write and follow clear documentation so that our work can be accountable, repeated, predictable, measured, and improved - Communicate with external researchers, peers, and leadership about details of privacy reports, the perceived privacy impact and resolution plan - Coordinate security and privacy incident response activities with affected teams to do the right thing for our customers and our organization
Education & Experience
BS/MS in computer science, engineering or related technical experience
- Preferred Experience:
- Provide security and privacy design consulting to other teams
- Proficiency with assembly languages
- Experience designing and architecting systems with security and privacy in mind
- Reverse engineering using tools such as IDAPro
- Familiarity with the principles and use of cryptographic primitives and protocols
- Familiarity with developing automated tools for vulnerability finding