Security Software Engineer, Enterprise Technology Services

Our organization provides security server-side solution to enable various Apple product security features. As part of security team in this group, we are looking for someone who can drive advancements in security practices, proactively identifying security vulnerabilities, fortifying our platforms against emerging threats and enabling continuous innovation. The existing scope of the work includes the following and will be expanded with emerging new technology and new business initiatives.

Perform penetration testing and vulnerability assessments on software applications, API services, and infrastructure. Develop and execute new test plans, methodologies, and tools for assessing hardware and software security. Conduct static code analysis to identify and triage application security issues. Work closely with DevOps and engineering teams to remediate application security vulnerabilities and implement security best practices throughout the Software Development Life Cycle (SDLC) Assist in application and infrastructure security reviews to identify gaps in best practices, and collaborate with stake holder teams to improve security posture Perform reverse engineering and forensic analysis to identify security vulnerabilities and its exploitability. Rotate between red and blue functions and conduct simulated attacks & defence. Develop security strategies, frameworks, tools, and processes to assess and improve security posture of the organisation. Collaborate with hardware design teams to integrate security best practices during product development. Document findings, prepare comprehensive reports, and provide detailed security recommendations for remediation. Fulfill on-call responsibilities for handling security-related incidents. Continuous learning and conduct security research to stay updated on the latest threats, vulnerabilities, attack vectors, and mitigation techniques.

Understanding of fundamental IT domains including Networking, Operating
Systems, Security Principles, Secure Coding Practices, Cryptography and System
Administration.
Knowledge of infrastructure security and physical security best practices
Understanding of software development and secure coding best practices.
Respect diversity and inclusiveness in a global organisation with ability to
collaborate and communicate effectively
Ability to analyze complex problems, explore the greenfield and devise creative
solutions.
Strong team player with adaptability

Knowledge in reverse engineering and exploit development, especially with hands-on
experience in security penetration testing, red team exercises, Capture
The Flag (CTF) competitions or security related hackathons.
Understanding of cryptographic algorithms, secure boot, secure firmware update
mechanisms is a plus.

Apple is where individual imaginations gather together, committing to the values that lead to great work. Every new product we build, service we create, or Apple Store experience we deliver is the result of us making each other’s ideas stronger. That happens because every one of us shares a belief that we can make something wonderful and share it with the world, changing lives for the better. It’s the diversity of our people and their thinking that inspires the innovation that runs through everything we do. When we bring everybody in, we can do the best work of our lives. Here, you’ll do more than join something — you’ll add something.

There is a lot that goes into building the most secure yet user-friendly devices in the world. We are a unique Software Development group with a charter to secure our platforms, which include iOS software, iOS Devices, and Mac. We build solutions that are used by our customers, engineering teams, and manufacturing environments. We are looking for a candidate who is passionate about both software and hardware security and enjoys highly technical, hands-on role in a dynamic and fast paced environment. This role will be responsible for testing and securing the Software Development Life Cycle, world-wide hardware manufacturing ecosystem and associated global IT infrastructure.

As a member of our fast-paced group, you will have the unique and rewarding opportunity to shape and improve the software that allows our products to surprise and delight billions of Apple’s customers every day! If you’re excited by the idea of making a real impact, and joining a team where we pride ourselves in being one of the most diverse and inclusive companies in the world, a career with Apple will be your dream job!

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant

At Apple, we believe accessibility is a fundamental human right. You’ll find that idea reflected in everything here — in our culture, our benefits and our digital tools. By welcoming as many perspectives as possible, we help you build a career where you feel like you belong.

Learn about accessibility in Apple’s workplace

Learn about reasonable accommodations for job applicants

Apple accepts applications to this posting on an ongoing basis.