System Software Engineer, Security
Santa Clara Valley (Cupertino), California, United States
Software and Services
The SPEAR team in Apple’s Security Engineering & Architecture organization is hiring a collaborative system software engineer with a drive to improve the security of end user devices. SPEAR is a dedicated team of software engineers that works on security hardening across all of Apple’s operating systems. We focus on projects ranging from surgical adoptions of memory safety technologies to wholesale refactors that reorient key system components to protect the security of our users’ devices. As a System Software Engineer in SPEAR, you will work with teams across the lower levels of Apple’s software stack to improve the security of our operating systems. You will deliver well-designed, robust, and maintainable infrastructure and mitigations that meaningfully improve end user security. Your work will help set the standard for cross-functional collaboration, thorough testing, and clear documentation. As a result of the collective effort of dedicated engineers like yourself, Apple’s products are the most secure consumer devices on the market. Our mission is to continue to advance the state of the art of end user security. Our goal isn’t simply to be the most secure: we’re working to ensure the safety of every user’s digital life, even against the most malicious and well-resourced adversaries.
- 3+ years of experience developing software for low-level environments such as firmware, hardware drivers, kernels, or hypervisors
- Strong interest in security and a desire to develop your skills in that area
- Deep understanding of a system programming language such as C or C++
- Understanding of how low-level software is compiled to machine code and interacts with hardware
- Ability to communicate clearly and effectively about technical topics (verbal and written)
- Enthusiastic, empathetic, and collaborative approach to multi-functional projects
- Ability quickly get up to speed on new codebases and adjust your approach to meet the needs of diverse projects and requirements
Each project will involve solving unique challenges while handling the following core responsibilities: Efficiently gain familiarity with new codebases. Contribute to design of kernel, driver, and firmware security hardening projects, including memory safety technology adoption, mitigation deployment, sandboxing/isolation, refactoring, and other approaches as necessary. Update existing low-level software codebases or create new codebases as necessary to achieve project goals using the most appropriate language, potentially including C, C++, or Swift. Adopt or update isolated unit testing to thoroughly exercise changes; collaborate with QA engineers on functional testing. Document changes and new architectural elements, creating training materials required for partner team to maintain changes going forward. Communicate collaboratively and effectively during all project phases.
Education & Experience
BS in Computer Science or Computer Engineering; or equivalent experience/skills
- This role requires openness to new ways of approaching low-level software to achieve stronger security. While experience in these areas is not required, this could include use of memory safe languages, safer C++ abstractions, and C memory safety extensions.