Senior Security Engineer

Cupertino, CA 95014
  • Job Code
    200163500
Summary

Summary

Posted: Jul 2, 2020

Weekly Hours: 40

Role Number:200163500

The Apple We are looking for a Senior Security Engineer to join our team. You will collaborate with developers, ...Summary

Summary

Posted: Jul 2, 2020

Weekly Hours: 40

Role Number:200163500

The Apple We are looking for a Senior Security Engineer to join our team. You will collaborate with developers, deployment engineers, and security teams to secure Apple Cloud applications and services in the present and work with the team to design future of security for services at Apple. Your activities will include full end-to-end security assurance activities including security architecture, threat modeling, security testing (including code review) and executing risk mitigation strategies. You will be working with partner teams in security engineering, security automation, privacy, and offensive security to keep Apple's services secure for our users. You will work with complex technology and diverse threat landscape and educate teams on secure application design, development, and testing. Expect to be exposed to a broad range of systems, including network, platform, storage, web applications, orchestration, distributed processing, and virtualized environments.

Key Qualifications

  • 5+ years of work experience in infrastructure or security engineering
  • Breadth of technical experience across various infrastructure and security areas and running in large production environments
  • Experience distilling complex technical information and conveying to different types of audiences that enables decisioning
  • Deep understanding of web application security threats, exploits, prevention
  • Ability to prioritize, reproduce, recommend remediations and implement fixes for vulnerabilities
  • Experience in penetration testing, vulnerability scanning, SAST and DAST. Familiar with tools and technologies used
  • Passion for understanding and researching vulnerabilities and exploitation techniques
  • Knowledge of development and integration (e.g. CI/CD)
  • Proficiency in networking concepts (firewalls, load balancers, etc)
  • Practical knowledge of applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
  • Keeps up with industry trends in security technology and threats
  • Experience securing infrastructure in public cloud (e.g. AWS, Azure, Google Cloud)
  • Having experience in web application development, infrastructure and/or code auditing strongly preferred

Description

Conducting security assessments, architecture reviews, threat modeling of the application stack, including applications built on cloud and emerging technologies.

Design and develop platform level solutions to promote security related initiatives and improvements.

Proven experience for solving complex, systemic issues that require creative thinking and solutions.

Conduct penetration testing against our applications, services, and environments; reporting underlying security issues and proposing appropriate security controls.

Research the latest security standard methodologies, trends, threats and vulnerabilities, and technology frameworks.

Document and disseminating security guidelines for common security issues, remediation guidance, and security baselines.

Assist Infrastructure engineers develop secure systems by advising on secure patterns and practice

Proactively introduce new controls into the infrastructure platform that improves our defense in depth

Incorporate new secure design patterns into platforms that expand what our engineers caan do in a secure way

Education & Experience

EDUCATION
Bachelors degree in Computer Science / Engineering with emphasis in security related fields (or equivalent experience) Certs like OSCP, OSCE, OSEE, etc. helpful but not vital. Bonus points for community contributions like public CVEs, bug bounty recognition, open source tools, blogs, etc.

Apple is an Equal Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.

Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you are applying for a position in San Francisco, please click here.

Apple participates in the E-Verify program in certain locations as required by law. Learn more.

Apple's committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Learn more.

Apple is a drug-free workplace. Learn more.

Additional Requirements

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Security Engineer

Apple, Inc.
Cupertino, CA 95014

Join us to start saving your Favorite Jobs!

Sign In Create Account