Summary

Posted: Mar 30, 2021

Weekly Hours: 40

Role Number:200219885

This position can be located in Santa Clara Valley (CA), Austin (TX) or Seattle (WA).

Imagine what you could ...Summary

Summary

Posted: Mar 30, 2021

Weekly Hours: 40

Role Number:200219885

This position can be located in Santa Clara Valley (CA), Austin (TX) or Seattle (WA).

Imagine what you could do here. At Apple, new ideas have a way of becoming extraordinary products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. We are seeking an extraordinary Information Security Engineer who is passionate about security incident detection and response, and can thrive in a fast- paced environment where both individual drive and team collaboration are the keys to success. This is a technical hands-on role that is focused on public and private cloud security across all of Apple. You'll be working to identify problems, establish a vision for how to address those problems, and unite the relevant owners within the business on achieving that vision!

Key Qualifications

• Experience manually testing web applications or enterprise penetration testing
• Experience with a scripting language (e.g. perl, python, PHP, ruby) and a programming language (e.g. JAVA, Objective C)
• Proficiency in either MacOS and/or other flavors of UNIX
• Ability to explain basic networking concepts (routing, ACL, load balancers, SSL/TLS, TCP) in order to provide application architecture feedback
• Background in web application development and/or code auditing strongly preferred
• Strong verbal & written communication skills
• Passion for discovering and researching new vulnerabilities and exploitation techniques

Conduct security architecture review of the full stack including applications built on cloud and emerging technologies.
Conduct manual application security testing and source code auditing for a variety of technologies. Provide clear and detailed risk assessment and remediation guidelines for developers and business owners.
Conduct penetration testing targeting critical Apple data, services, and environments. Report underlying security issues and propose enhanced security protections.

OTHER RESPONSIBILITIES INCLUDE:
- Security research on the latest standard methodologies, trends, threats and vulnerabilities, and technology frameworks
- Documenting and disseminating security guidelines for common security issues, remediation guidance, and security technology baselines
- Develop tools and exploits to support application security review and/or penetration testing

Education & Experience

BS in Computer Engineering with specialization in Information Security or 4+ years of equivalent, hands-on information security experience in a large enterprise environments a plus

Additional Requirements