13 days old

Senior Application Security Engineer

Seattle, WA
  • Job Code


Posted: Feb 11, 2020

Role Number:200148903

Apple Media Products (AMP) first delighted users with downloadable music in April 2003 with the opening of the iTunes Store. Since then, AMP has delivered countless innovations around the digital delivery of music and video, and in 2008 revolutionized smartphone app distribution with the launch of the App Store. Being the source for so much digital content requires maintaining relationships with a vast number of providers, from record labels to movie studios to app developers. The Digital Supply Chain Engineering team (DSCE) is tasked with ensuring that new content is uploaded, processed, cataloged, and available on our storefronts when the provider expects it to be top notch quality

AMP Media Workflow Engineering team is seeking a forward-thinking self-starter to join our team. AMP is an increasingly vital and central component of Apple's ecosystem, and continues to rely heavily on processing of media at ever more massive scale, at a level of quality unmatched in the industry. Join us in building Apple's platform for music and video ingestion and processing at the heart of Apple TV+, and participate in the innovation that will drive the next generation of media features services at Apple

Key Qualifications

  • At least 3+ years of experience in web application security, SSDLC, Threat Modeling
  • At least 5+ years crafting, implementing and supporting highly scalable backend applications
  • Deep understanding of web application security threats, exploits, prevention
  • Expertise in HTTP and REST APIs
  • Ability to triage, reproduce, recommend remediations and implement fixes for vulnerabilities
  • Passion for understanding and researching vulnerabilities and exploitation techniques
  • Proficiency in networking concepts (firewalls, load balancers, etc)
  • Practical knowledge of applied cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
  • Keeps up with industry trends in security technology and threats
  • Ability to craft and establish secure coding patterns/standards across multiple code repositories
  • Experience securing infrastructure in public clouds (e.g. AWS, Azure, Google Cloud)
  • Familiar with tools and technologies used in penetration testing, vulnerability scanning, SAST and DAST
  • Ability to work in a self directed, fast paced environment, that is highly collaborative and cross functional projects that are high profile and critical to the AMP services (App Store, Apple Music, etc)
  • Strong experience with Java and the Java ecosystem
  • Mentor team members on writing code that is efficient, maintainable and testable
  • Experience with NoSQL & technologies like Cassandra preferred


As an Engineer in the Infrastructure team, you will:
Be designing, developing and deploying large scale services and platforms
Be a product owner with a vision for what you are building for our internal customers
Be a team mate, a leader, a student, and a mentor
Be eager to learn new technologies and solutions
Be curious about how systems work and how they fail, design them to be sustainable in the face of failures
Have some cool war stories to tell from your past experience
Believe in automation and tooling as a critical part of the software lifecycle
Love measuring all things so we can make the right decisions

Education & Experience

BS in Computer Science, Mathematics, or EE, or relevant industry experience is required

Additional Requirements

Posted: 2020-02-12 Expires: 2020-03-12

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Application Security Engineer

Apple, Inc.
Seattle, WA

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast