Senior Security Engineer - Assurance

Summary

Posted: Feb 21, 2023

Weekly Hours: 40

Role Number:200464229

Home Office: Yes

Apple Cloud Security Red Team, the team behind iCloud services and the infrastructure that powers it, is looking for security engineers to partner with engineering teams working on significant services. You will collaborate with developers, site reliability engineers, and security teams to protect ACS.

Your work will include full end-to-end security assurance activities including *extensive* manual security testing. At Apple, Red Team means the deep technical security experts. The ACS Security Red Team focuses on deep technical security review work of critical ACS services and infrastructure. In this role you will perform scoped and focused pentests, finding novel security vulnerabilities and identifying systemic improvement opportunities. You’ll support objective oriented Red Team exercises by enumerating vulnerabilities within relevant attack surfaces.

You will be working with partner teams in security engineering, privacy, detection and design review to keep Apple's services secure for our users. If you love diving into a complex and important system, and driving the security of that system over time, we want to talk with you!

Key Qualifications

• Six or more years of proven experience in an information security field or software engineering
• Four or more of those years include discovering and exploiting novel security vulnerabilities within applications and infrastructure in Linux and Cloud environments
• Experience with security in Linux and Cloud environments
• Extensive experience in some or all of these areas: datacenter, infrastructure, cloud, or application security
• Ability to reason about security of a large and complex application or infrastructure
• Desire to go deep on complex systems for extended engagements

Description

In this role, you will scope and lead focused security reviews on critical internet scale applications and supporting infrastructure. Using insights from these engagements, you will help define, document, and automate security best practices, as well as advocate for platform-wide security enhancements to raise the security bar for all engineering teams at Apple. Our services are hardened and reviewed, don’t expect easy vulnerabilities.

You will be:

A technical expert capable of identifying engagement scope and planning reviews.

Executing security reviews to identify vulnerabilities and improvement opportunities.

Source code review to identify unique and uncommon vulnerabilities.

Depth focused manual testing to go further than the many security researchers before you.

Emphasis on depth of testing across massively complex services

Assist in objective oriented Red Team engagements, by providing amazing vulnerabilities.

Able to identify areas that are ripe for improvement and establish appropriate security goals

Adept at building relationships with engineering and leadership teams to drive security improvements

Current on new security technologies, vulnerabilities, and methodologies

An excellent verbal and written communicator

Able to develop proof of concept systems to automate security recommendations, vulnerability discovery, and process workflows

Responsible for security decisions impacting hundreds of millions of users

Education & Experience

Bachelors degree in Computer Science / Engineering or a related, with emphasis in security related fields (or equivalent experience).

Community contributions like public CVEs, bug bounty recognition, open source tools, blogs, talks etc.

Additional Requirements

• Apple is an Equal Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.
• Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law.
• Apple's committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities.

Pay & Benefits

• At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $161,000 and $278,000, and your base pay will depend on your skills, qualifications, experience, and location.
• 
  
• Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits.
• 
  
• Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.