Security Engineer, Retail Engineering
Hyderabad, Telangana, India
Software and Services
Imagine what you could do here. At Apple, great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job; there's no telling what you could accomplish.
As a security engineer in Retail Engineering, you'll be responsible for securing the Apple Online Store and flagship retail stores, through to business-critical backend customer and payment systems. Along the way you'll be expected to grasp the security implications of emerging technologies such as machine learning and cloud.
Description
- Perform threat models and architecture reviews of complex projects
- Conduct penetration testing against a wide variety of technologies. Ability to communicate these findings in high-quality reports and presentations
- Provide guidance and education to partnering teams
- Build relationships, influence and improve security culture via various initiatives (presentations, training, etc)
- Participate in, or lead Red Team operations against large organizations within Apple
- Support partnering blue teams in responding to threats and enhancing detections
- Develop tooling to support primary responsibilities
- Deliver security campaigns and initiatives to improve the security posture of the organization
Minimum Qualifications
- Experience performing threat models or architecture reviews
- Strong ability to penetration test application, infrastructure and cloud environments.
- Strong understanding of fundamental networking and security concepts
- Programming/scripting skills, and ability to read and audit various programming languages, (Go, Java, JavaScript, Python etc)
- Proficiency in MacOS and other Unix based systems
- Knowledge of cloud architecture and security
Key Qualifications
Preferred Qualifications
- BSc in Computer Science or equivalent
- OSCP or OSWE certification
- Experience with CTFs or hacking labs
- Experience securing and pentesting mobile applications
- Experience participating in or leading red teams or similar offensive security engagements
- Publications, security research, bug bounties or CVEs are highly regarded
- Experience presenting to technical and non technical audiences
- Passion for information security
- Ability and motivation to learn new skills, concepts and technologies
- Excellent written and verbal communication skills
- Ability to take ownership of security problems, and drive remediation to competition
- Self-motivated, able to work individually and as part of a global team
- Ability to grasp large sophisticated systems and context-switch when needed
- Ability and willingness to work both from the office and from home
- Some international travel may be required