Senior Security Engineer Job at Apple Inc., Seattle, WA

Q3NkYmVVbElwTVU0Z1RnU3RLem10QjlLalE9PQ==
  • Apple Inc.
  • Seattle, WA

Job Description

In this role you will conduct application security assessments, threat modeling, and penetration testing modeled after real world attackers. You will also develop tooling to automate security testing and mitigate security threats. Our scope spans across Apple and includes customer facing and internal corporate applications. Our team is primarily responsible for supporting highly critical foundational infrastructure and security services. We work multi-functionally with teams Apple wide providing security consulting services and driving new security initiatives. Our hardworking team of security professionals is a key to our success.

Description

* Conduct security architecture review of the full stack including applications built on cloud and new technologies. * Conduct manual application security testing and source code auditing for a variety of technologies. Provide clear and detailed risk assessment and remediation guidelines for developers and business owners. * Conduct penetration testing targeting critical Apple data, services, and environments. Report underlying security issues and propose enhanced security protections. * Security research on the latest standard methodologies, trends, threats, vulnerabilities, and technology frameworks * Detailing and disseminating security guidelines for common security issues, remediation guidance, and security technology baselines * Develop tools, exploits, and products to support application security review and/or penetration testing * Research and develop tools to improve static analysis framework capabilities (e.g. accuracy, coverage, and efficiency of detections)  

Minimum Qualifications

  • Extensive experience manually testing web applications and/or enterprise penetration testing
  • Extensive experience with a scripting language (e.g. python, PHP, ruby) and a programming language (e.g. Java, Swift, C)
  • Proficiency in some form of UNIX
  • You have the ability to explain basic networking concepts (routing, ACL, load balancers, SSL/TLS, TCP) in order to provide application architecture feedback
  • You have a background in web application development and/or code auditing
  • You have a real passion for discovering and researching new vulnerabilities and exploitation techniques
  • You are deeply accountable for your work
  • You are upbeat, adaptable, and results oriented with a positive attitude
  • BS in Computer Engineering with specialization in Information Security or 4+ years of equivalent, hands-on information security experience in a large enterprise environments a plus.
  • You have strong verbal and written interpersonal skills
  • You have a real passion for discovering and researching new vulnerabilities and exploitation techniques
  • You are deeply accountable for your work
  • You are upbeat, adaptable, and results oriented with a positive attitude
  • BS in Computer Engineering with specialization in Information Security or 4+ years of equivalent, hands-on information security experience in a large enterprise environments a plus.

Key Qualifications

Preferred Qualifications

  • Experience with offensive and automation tool development
  • Experience with vulnerability scanning tools: network, SAST, and DAST
  • Familiarity with testing services that employ AI/LLM and the OWASP Top 10 for LLMs
  • Experience leveraging AI/LLMs for security testing and automation
  • Experience with with one or more public cloud services (e.g. AWS, GCP, AliCloud)
  • Experience with Kubernetes and container security
  • Experience with common authentication protocols (e.g. SAML, OIDC)

Education & Experience

Additional Requirements

Pay & Benefits

  • At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $166,600 and $250,600, and your base pay will depend on your skills, qualifications, experience, and location.

    Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits.

    Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

  • Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.
* Conduct security architecture review of the full stack including applications built on cloud and new technologies. * Conduct manual application security testing and source code auditing for a variety of technologies. Provide clear and detailed risk assessment and remediation guidelines for developers and business owners. * Conduct penetration testing targeting critical Apple data, services, and environments. Report underlying security issues and propose enhanced security protections. * Security research on the latest standard methodologies, trends, threats, vulnerabilities, and technology frameworks * Detailing and disseminating security guidelines for common security issues, remediation guidance, and security technology baselines * Develop tools, exploits, and products to support application security review and/or penetration testing * Research and develop tools to improve static analysis framework capabilities (e.g. accuracy, coverage, and efficiency of detections)  

Job Tags

Relocation,

Similar Jobs

Labor One Staffing

Hiring Firewatch Job at Labor One Staffing

 ...leads, hoses, operation of air an electric power tools; moves metal pieces for re-fitting; removes scrap from work area. Moves fire bottle to areas of work; observes for sparks from welding and grinding;extinguishes fire when necessary. Maintains a clean, hazard... 

U.S. Army

US Army Soldier Job at U.S. Army

 ...US Army Soldier As an Infantry Soldier, youll serve in the field, working to defend our country against any threats on the ground...  ...Your family can also receive healthcare services at military or civilian facilities through TRICARE at little or no cost.... 

NoGigiddy

(Remote) - Virtual Assistant - 18.00 - 21.00/hour Job at NoGigiddy

 ...Job Description: Enjoy the flexibility of working part-time from home with a leading virtual assistant provider. You can have a meaningful career working from...  ...in an administrative support role In-home office setup including Mac or PC Computer (including webcam... 

Teach Oklahoma

Head Boys Cross Country Coach Job at Teach Oklahoma

Position Areas Coach/Trainer Description Care and Prevention

National Testing Network

Entry Level Firefighter-BELLEVUE FIRE DEPARTMENT Job at National Testing Network

 ...Bellevue, Washington 98004 Phone: (***) ***-**** Position: Entry-Level Firefighter The Bellevue Fire Department is currently...  ...Job Summary Firefighters perform general firefighting and emergency medical care duties under hazardous conditions, which may require...