Senior Offensive Software Vulnerability Researcher

Santa Clara Valley (Cupertino), California, United States
Software and Services

Summary

Posted:
Weekly Hours: 40
Role Number:200296624
Apple Security Engineering & Architecture (SEAR) believes the best defense is a good offense. When it comes to securing the world's most advanced operating systems this means finding vulnerabilities first. We're looking for skilled and inspired individuals to join our group of security researchers to attack Apple's products with the goal of better safeguarding our users.

Key Qualifications

  • Background in secure coding and code auditing. Spot the bugs!
  • Experience developing proof of concept exploits for common vulnerabilities.
  • Knowledge of how to bypass modern anti-exploitation mitigations.
  • Reverse engineering using tools such as IDA Pro or Ghidra and experience automating this analysis.
  • Proficiency with assembly languages, ARM64 is a big plus.
  • Programming background in C, C++, and Python

Description

You are joining an exceptional team focusing on securing 0-click and 1-click threat vectors in across Apple platforms. You will be working alongside a wide variety of teams and vendors and your influence will be felt throughout Apple's extraordinary products, such as the iPhone, iPad, Mac and Apple TV. In addition, you will be responsible for identifying threats in advance and directly involved in Apple's response to critical issues as they arise. The job is as diverse as it is essential, from reverse engineering an exploit, providing insightful analysis and creating innovative tools, consulting with other teams on both hardware and software, auditing code and reviewing designs. This position requires someone with strong technical strengths and a passionate desire to secure systems by showing how they can be broken. Your responsibilities will include helping to make Apple's products the industry's most secure, evaluating security-critical code and hardware, developing intelligent automated tools for vulnerability finding, developing exploits for discovered vulnerabilities to challenge existing mitigation techniques, and providing security design consulting to other teams.

Education & Experience

Degree in STEM field or equivalent experience

Additional Requirements

  • This position may require some travel to other Apple sites, vendors, and security conferences.
  • Preferred experience:
  • - Knowledge of macOS and iOS security architectures.
  • - Programming background in Objective-C and Swift.
  • - Proven track record of vulnerability disclosure and exploit development (CVE’s, bounty participation, etc.).