Apple Inc.
Security Engineer, Enterprise Technology Services, Early Career
Apple Inc., Austin, Texas, us, 78716
Security Engineer, Enterprise Technology Services, Early Career
There is a lot that goes into building the most secure yet user-friendly devices in the world. We are a unique Software Development group with a charter to secure our platforms, which include iOS software, iOS Devices, and Mac! We build solutions that are used by our customers, engineering teams, and manufacturing environments. We are looking for a candidate who is passionate about both software and hardware security and enjoys a highly technical, hands-on role in a dynamic and fast-paced environment. This role will be responsible for testing and securing the Software Development Life Cycle, worldwide hardware manufacturing ecosystem, and associated global IT infrastructure. Are you ready for this challenging yet highly visible and rewarding opportunity?DescriptionOur organization provides security server-side solutions to enable various Apple product security features. As part of the security team in this organization, we are looking for someone who can drive advancements in security practices, proactively identifying security vulnerabilities, fortifying our platforms against emerging threats, and enabling continuous innovation. The existing scope of the work includes the following and will be expanded with emerging new technology and new business initiatives:Perform penetration testing and vulnerability assessments on software applications, API services, and infrastructure.Develop and implement new test plans, methodologies, and tools for assessing hardware and software security.Conduct static code analysis to identify and triage application security issues.Work closely with DevOps and engineering teams to remediate application security vulnerabilities and implement security best practices throughout the Software Development Life Cycle (SDLC).Perform reverse engineering and forensic analysis on software & hardware to identify security vulnerabilities and their exploitability.Rotate between red and blue functions and conduct simulated attacks & defense.Develop security strategies, frameworks, tools, and processes to assess and improve the security posture of the organization.Collaborate with hardware design teams to integrate security best practices during product development.Document findings, prepare comprehensive reports, and provide detailed security recommendations for remediation.Fulfill on-call responsibilities for handling security-related incidents.Continuous learning and conduct security research to stay updated on the latest threats, vulnerabilities, attack vectors, and mitigation techniques.Minimum QualificationsKnowledge in at least one scripting language.Experience in Computer Science Fundamentals.Bachelor's degree in Computer Science or equivalent.Preferred QualificationsStrong understanding of fundamental IT domains including Networking, Operating Systems, Security Principles, Secure Coding Practices, Cryptography, and System Administration.Experience in security penetration testing, red team exercises, Capture The Flag (CTF) competitions, or security-related hackathons.Experience with software development and secure coding best practices.Experience with reverse engineering and exploit development.Understanding of cryptographic algorithms, secure boot, and secure firmware update mechanisms is a plus!Understanding of hardware architecture, microcontrollers, processors, and firmware development and have knowledge of hardware security tools and techniques (e.g., JTAG, oscilloscopes) is a plus.Respect diversity and inclusiveness in a global organization with the ability to collaborate and communicate effectively.Ability to analyze sophisticated problems, explore the greenfield, and devise creative solutions.Willingness and ability to travel internationally (up to 1 week at a time).Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.
#J-18808-Ljbffr
There is a lot that goes into building the most secure yet user-friendly devices in the world. We are a unique Software Development group with a charter to secure our platforms, which include iOS software, iOS Devices, and Mac! We build solutions that are used by our customers, engineering teams, and manufacturing environments. We are looking for a candidate who is passionate about both software and hardware security and enjoys a highly technical, hands-on role in a dynamic and fast-paced environment. This role will be responsible for testing and securing the Software Development Life Cycle, worldwide hardware manufacturing ecosystem, and associated global IT infrastructure. Are you ready for this challenging yet highly visible and rewarding opportunity?DescriptionOur organization provides security server-side solutions to enable various Apple product security features. As part of the security team in this organization, we are looking for someone who can drive advancements in security practices, proactively identifying security vulnerabilities, fortifying our platforms against emerging threats, and enabling continuous innovation. The existing scope of the work includes the following and will be expanded with emerging new technology and new business initiatives:Perform penetration testing and vulnerability assessments on software applications, API services, and infrastructure.Develop and implement new test plans, methodologies, and tools for assessing hardware and software security.Conduct static code analysis to identify and triage application security issues.Work closely with DevOps and engineering teams to remediate application security vulnerabilities and implement security best practices throughout the Software Development Life Cycle (SDLC).Perform reverse engineering and forensic analysis on software & hardware to identify security vulnerabilities and their exploitability.Rotate between red and blue functions and conduct simulated attacks & defense.Develop security strategies, frameworks, tools, and processes to assess and improve the security posture of the organization.Collaborate with hardware design teams to integrate security best practices during product development.Document findings, prepare comprehensive reports, and provide detailed security recommendations for remediation.Fulfill on-call responsibilities for handling security-related incidents.Continuous learning and conduct security research to stay updated on the latest threats, vulnerabilities, attack vectors, and mitigation techniques.Minimum QualificationsKnowledge in at least one scripting language.Experience in Computer Science Fundamentals.Bachelor's degree in Computer Science or equivalent.Preferred QualificationsStrong understanding of fundamental IT domains including Networking, Operating Systems, Security Principles, Secure Coding Practices, Cryptography, and System Administration.Experience in security penetration testing, red team exercises, Capture The Flag (CTF) competitions, or security-related hackathons.Experience with software development and secure coding best practices.Experience with reverse engineering and exploit development.Understanding of cryptographic algorithms, secure boot, and secure firmware update mechanisms is a plus!Understanding of hardware architecture, microcontrollers, processors, and firmware development and have knowledge of hardware security tools and techniques (e.g., JTAG, oscilloscopes) is a plus.Respect diversity and inclusiveness in a global organization with the ability to collaborate and communicate effectively.Ability to analyze sophisticated problems, explore the greenfield, and devise creative solutions.Willingness and ability to travel internationally (up to 1 week at a time).Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.
#J-18808-Ljbffr