Browser Security Researcher

Seattle, Washington, United States
Software and Services

Summary

Posted:
Weekly Hours: 40
Role Number:200553732
Apple's Security Engineering & Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we believe that the best defense requires a great offense. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. Can you make a difference on this scale? Join our extraordinary team of security researchers and help protect all Apple users.

Description

Our team focuses on securing Apple products, from microarchitecture to applications such as Safari, Mail, and Messages. Evaluating the security of iOS and macOS kernels, boot ROMs, firmware and hardware are all included in the scope of the team. Working alongside a wide variety of teams and vendors, your influence will be felt throughout Apple's products such as the iPhone, iPad, Mac, and Apple TV. As a member of the team, one of your principal responsibilities will be to conduct vulnerability research on Apple browser applications and their underlying software components (WebKit, JavaScriptCore, etc). Analyzing and exploiting vulnerabilities is also a key element of the role. This position requires someone with strong technical skill, who is creative and has a desire to secure systems by showing how they can be broken. If this is you, we'd love to hear from you.

Minimum Qualifications

  • Experience in and a passion for vulnerability research and exploitation, targeting web browsers and related technologies
  • Strong familiarity with vulnerability classes such as stack and heap based buffer overflows, object lifecycle issues, and logic errors along with practical experience with exploitation techniques applied to browser security
  • Knowledge of the security architecture of web browsers, for example sandboxing mechanisms, inter-process communication, and JavaScript JIT compilation vulnerabilities.
  • Experience with fuzzing browser platforms and conducting root cause analysis of results
  • Proven problem-solving and analytical skills
  • Excellent written and verbal communication skills

Key Qualifications

Preferred Qualifications

  • Experience evaluating the security of Apple products
  • Experience auditing and exploiting large modern C++ code bases
  • Familiarity with tool development, using programming languages such as C, C++, Python, Swift, Objective-C

Education & Experience

Additional Requirements

Pay & Benefits

  • Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.