Apple, Inc.
Security Engineer, Ad Platforms
Apple, Inc., Austin, Texas, us, 78716
SummaryPosted: Aug 22, 2024Weekly Hours:
40Role Number:
200564744At Apple, we work every single day to build products that enrich people's lives. Our Advertising Platforms group makes it possible for people around the world to easily access informative and visionary content on their devices while helping publishers and developers promote and monetize their work. Our technology makes advertising possible on the App Store, Apple News, Stocks, and Apple TV. We help developers and marketers of all sizes drive app discovery across the App Store. Our display ads on Apple News and Stocks let advertisers promote their products alongside trusted content from the world's best journalists. Sponsorship integrations and experiences in live sports on Apple TV help advertisers connect with passionate fans. Everything we do is with the unwavering commitment to privacy you expect from Apple. Because when advertising is done right, it benefits everyone!DescriptionWe're seeking a Security Engineer who is passionate about protecting critical infrastructure and services. As a Security Engineer, you'll collaborate with engineering leaders, developers, quality engineers, and security teams to secure Ad Platforms' applications and services, present and future. You can expect to assess the risk landscape for products and drive risk mitigation. You'll work with partner teams on security tools, penetration testing, and security testing methodologies to keep Ad Platforms services secured. You'll also experience a rapidly evolving technology and threat landscape and contribute to the education of teams on compliance activities throughout the development lifecycle. You should expect to be exposed to a broad range of systems, including web applications, big data, distributed processing, and virtualized environments.Responsibilities include:Conduct security reviews of the service stack, including apps built on cloud and emerging technologies.Build new security tooling and services to support developers at scale.Perform security tests on new apps, products, and features before release.Review source code for potential security issues.Design and automate security test cases, to check for vulnerabilities or broken/missing security controls.Provide specific risk assessment and remediation guidelines for developers and business owners.Triage and review findings from security tools, including static and dynamic scanners.Research latest security best practices, trends, threats, and vulnerabilities and technology frameworks.Document and share security guidelines for common security issues, remediation guidance, and security baselines.Work with developers to provide and mentor them on secure development practices.Develop tools and exploits to support security testing.Write automations to streamline common tasks, tests, workflows, etc.Minimum Requirements:2+ years of relevant experience in Information Security.Working experience in a scripting language (e.g., Python, Bash, Go).Experience writing production level code in Java or JavaScript.Knowledge of development and integration tools and technologies (e.g. CI/CD).Working experience in securing applications in cloud (i.e. Docker, Kubernetes).Familiarity with common security tools i.e. SAST or DAST.Familiarity with core networking concepts (firewalls, load balancers, etc).Familiarity with cryptography.Prior experience in web application development including security threats, exploits, prevention (Injection, platform hardening, etc).Ability to triage, reproduce, and recommend remediations for vulnerabilities.Excellent communication and interpersonal skills.Bachelor's in Information System Security, Cybersecurity, Computer Science, etc.Preferred Qualifications:Passion for understanding and researching vulnerabilities and exploitation techniques.Master's in Information System Security, Cybersecurity, Computer Science, etc.Additional Requirements:Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.
#J-18808-Ljbffr
40Role Number:
200564744At Apple, we work every single day to build products that enrich people's lives. Our Advertising Platforms group makes it possible for people around the world to easily access informative and visionary content on their devices while helping publishers and developers promote and monetize their work. Our technology makes advertising possible on the App Store, Apple News, Stocks, and Apple TV. We help developers and marketers of all sizes drive app discovery across the App Store. Our display ads on Apple News and Stocks let advertisers promote their products alongside trusted content from the world's best journalists. Sponsorship integrations and experiences in live sports on Apple TV help advertisers connect with passionate fans. Everything we do is with the unwavering commitment to privacy you expect from Apple. Because when advertising is done right, it benefits everyone!DescriptionWe're seeking a Security Engineer who is passionate about protecting critical infrastructure and services. As a Security Engineer, you'll collaborate with engineering leaders, developers, quality engineers, and security teams to secure Ad Platforms' applications and services, present and future. You can expect to assess the risk landscape for products and drive risk mitigation. You'll work with partner teams on security tools, penetration testing, and security testing methodologies to keep Ad Platforms services secured. You'll also experience a rapidly evolving technology and threat landscape and contribute to the education of teams on compliance activities throughout the development lifecycle. You should expect to be exposed to a broad range of systems, including web applications, big data, distributed processing, and virtualized environments.Responsibilities include:Conduct security reviews of the service stack, including apps built on cloud and emerging technologies.Build new security tooling and services to support developers at scale.Perform security tests on new apps, products, and features before release.Review source code for potential security issues.Design and automate security test cases, to check for vulnerabilities or broken/missing security controls.Provide specific risk assessment and remediation guidelines for developers and business owners.Triage and review findings from security tools, including static and dynamic scanners.Research latest security best practices, trends, threats, and vulnerabilities and technology frameworks.Document and share security guidelines for common security issues, remediation guidance, and security baselines.Work with developers to provide and mentor them on secure development practices.Develop tools and exploits to support security testing.Write automations to streamline common tasks, tests, workflows, etc.Minimum Requirements:2+ years of relevant experience in Information Security.Working experience in a scripting language (e.g., Python, Bash, Go).Experience writing production level code in Java or JavaScript.Knowledge of development and integration tools and technologies (e.g. CI/CD).Working experience in securing applications in cloud (i.e. Docker, Kubernetes).Familiarity with common security tools i.e. SAST or DAST.Familiarity with core networking concepts (firewalls, load balancers, etc).Familiarity with cryptography.Prior experience in web application development including security threats, exploits, prevention (Injection, platform hardening, etc).Ability to triage, reproduce, and recommend remediations for vulnerabilities.Excellent communication and interpersonal skills.Bachelor's in Information System Security, Cybersecurity, Computer Science, etc.Preferred Qualifications:Passion for understanding and researching vulnerabilities and exploitation techniques.Master's in Information System Security, Cybersecurity, Computer Science, etc.Additional Requirements:Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.
#J-18808-Ljbffr