Security Development Engineer, Vulnerability Management

Santa Clara Valley (Cupertino), California, United States
Corporate Functions

Summary

Posted:
Weekly Hours: 40
Role Number:200213446
This role can be located in Santa Clara Valley (CA), Seattle (WA), or Austin (TX). Apple is seeking an outstanding Security Development Engineer to support the Vulnerability Management program in our growing multi-provider infrastructure. This is a technical, hands-on role in a dynamic and fast-paced environment. You’ll be working on building and deploying highly scalable and efficient security solutions and frameworks (on-prem and in various cloud infrastructure) that helps secure Apple by identifying and reporting vulnerabilities and automating processes in order to triage security deviations to closure. The ideal candidate is someone with a proven track record, sound technical knowledge and skills in software architecture, development, and deployment of large-scale Security solutions. Your ability to architect solutions across the software stack will allow us to deliver groundbreaking tools to the fast-paced team and valuable data to all of Apple to help secure its infrastructure from vulnerabilities. Do you have a passion for building security products? Are you ready to apply your skills to solving new and exciting problems?

Key Qualifications

  • Strong programming skills (ability to create efficient algorithms and data structures)
  • Excellent knowledge of large-scale security solutions architecture, deployment, and integration
  • Expertise in one or more of the following programming languages: Go (required), Rust, Scala
  • Expertise in scripting languages such as Python (required), Shell script
  • Experience with query language such as SQL (required), SparkSQL
  • Experience in architecting cloud-based solutions using AWS, GCP, and Azure
  • Experience with containerization using Kubernetes, and on cloud with EKS/ECR on AWS, and its equivalent in GCP and Azure
  • Experience in infrastructure templating tools like AWS CloudFormation, Google Cloud Deployment Manager, and Terraform
  • Experience in building web-based applications and microservices
  • Experience with in-memory datastore such as Redis, queueing solutions such as Kafka, ELK stack, and their equivalent in cloud
  • Solid understanding of version control and repositories such as Git, and CI/CD process using Jenkins or Spinnaker
  • Good understanding and working knowledge in socket programming (TCP/IP, HTTP/S, etc.)
  • Solid understanding of Unix/Linux systems (filesystems, system calls, etc.)
  • Good knowledge of integrating, analyzing, and communicating relevant metrics for very large data sets
  • Familiarity with vulnerability scanning tools, common security vulnerabilities and the ability to judge their severity and impact to the business is a strong plus
  • Driven to automate and continuously improve
  • Ability to track and manage numerous parallel activities
  • Comfortable in a fast-paced dynamic agile environment
  • High standard of ethics
  • Highly collaborative
  • Passionate about keeping our customers data safe
  • Strong communication skills
  • Track record of practical problem solving, excellent communication and documentation skills

Description

You will join a team who is passionate about staying up to date on emerging security vulnerabilities and threats, keeps a cool head in crisis, and advocates every single day for improving the security of Apple products and services. Successful candidates will need to have a good technical background, superb communication skills, and a strong interest not only in software development but also network, system, and web security. The role also requires a strong ability to work with incomplete information and to adapt to changing priorities. Specific responsibilities include: - Designing, developing, and implementing large-scale security solutions that improve the defense of Apple infrastructure and applications - Building processes, guidelines, specifications, and documentation around the tools and solutions - Using the results produced by the solutions to analyze and provide meaningful insights on security and vulnerability management - Presenting the solutions, proof of concepts, and results to the management and partners across Apple - Partnering with teams across Information Security and Apple to integrate existing solutions and building better security posture for Apple

Education & Experience

BS in Computer Science, Information Technology, or related field and 5 years experience in software development within the last 10 years OR 7 years experience in information technology

Additional Requirements

  • 5-7 years related experience in Computer Security, with proven focus on software development and a clear passion for Security and Cloud technologies.