Vulnerability Researcher - Security Engineering & Architecture
Seattle, Washington, United States
Software and Services
Apple engineers have always focused on one person when they build software — the person who will use it. Working in our Software Group (SWE) you’ll see why every Apple product and service feels intuitive and simple, and why every aspect of this group’s work is built around a respect for the customer’s needs. Apple's Security Engineering & Architecture team (SEAR) focus on security needs. Passionate about safeguarding, we believe the best defense is a good offense. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. Can you make a difference on this scale? Join our extraordinary team of security researchers and discover Apple products' vulnerabilities before they ship.
- - Background in secure coding and code auditing
- - Expert in reverse engineering (IDA Pro, Ghidra, etc.) & developing plug-ins
- - Able to exploit the security design of modern operating systems
- - Confident developing POC's for common vulnerabilities, bypassing anti-exploitation protections
- - Programming background in C, C++, Python and/or Objective-C
- - Proficient in assembly languages and ARM architectures
- - Familiarity with modern processor architecture
- - Strong understanding of the principles and use of cryptographic primitives and protocols
- - Ability to track and handle numerous parallel projects
Our team focuses on securing low-level technologies such as the iOS and OS X kernel, boot ROMs, firmware and hardware. Working alongside a wide variety of teams and vendors, your influence will be felt throughout Apple's extraordinary products, such as the iPhone, iPad, Mac and Apple TV. Tasked with identifying threats in advance, as well as being directly involved in Apple's response to critical issues as they arise. This includes reverse engineering an exploit, providing insightful analysis, creating innovative tools, consulting with other teams on both hardware and software, auditing code and reviewing designs, the job is as diverse as it is essential. This position requires someone with strong technical strengths and a passionate desire to secure systems by showing how they can be broken. Day to day you'll cover many areas to help make Apple’s products the industry’s most secure. You'll assist with evaluating security critical code and hardware; building automated tools for vulnerability finding; crafting exploits on discovered vulnerabilities to challenge existing mitigation techniques; providing security design consulting to other teams. Knowledge designing embedded and µ-architecture systems with security in mind on macOS and iOS with some exposure to the kernel is helpful. If this is you, we'd love to hear from you.
Education & Experience
Degree in Computer Science / Computer Electronics (or equivalent experience)