SWE - User Land Security Researcher, SEAR (Early Career)

at  Apple

SUMMARY

Posted: 16 Aug 2024
Role Number:200558988
Help Apple secure the world’s most advanced consumer devices, which people trust to store their personal and professional data. Security Engineering & Architecture (SEAR) is at the core of Apple’s product security strategy and we’re fanatical about protecting our users. We’re looking for an enthusiastic security engineer to join our growing team whose focus is on securing the technologies that power some of our most loved features, such as iMessage, FaceTime, Home and many more. As a security engineer in SEAR, you will lead research and analysis in identifying vulnerabilities and trends across our platforms, invent new defensive technologies to eliminate entire classes of issues, and drive the delivery of security mitigations alongside our partner engineering teams. We design and secure platforms for billions of users and are committed to user privacy and security. We have some of the most creative, passionate, hardworking engineers in the industry. Our team challenge each other to go beyond the norm to find new, innovative ways of solving problems and to make software safer, easier, and more fun to use. Not many jobs can offer all of these things. Security engineering jobs at Apple do, and much more.

DESCRIPTION

You are joining an exceptional team focusing on securing our remote attack surfaces across Apple platforms. From iMessage to media formats and FaceTime to memory allocators, you will be working alongside a wide variety of teams and vendors and your influence will be felt throughout Apple’s extraordinary products, including: iPhone, Apple Vision Pro, Mac and Apple TV. In addition, you will be responsible for identifying threats in advance and directly involved in Apple’s response to critical issues as they arise. The job is as diverse as it is essential, from reverse engineering an exploit, providing insightful analysis and creating innovative tools, consulting with other teams on both hardware and software, to reviewing code and proposing designs for new security mitigations which will ship on billions of devices. This position requires someone with strong technical strengths and a passionate desire to secure systems. Your responsibilities will include helping to make Apple’s products the industry’s most secure, evaluating security-critical code, developing intelligent automated tools for vulnerability finding, building exploits for discovered vulnerabilities to challenge existing mitigation techniques, providing security focused consultations on key technology areas to partner teams and driving the design and development of new mitigations. This position may require some travel to other Apple sites, vendors, and security conferences.

• Background in secure coding and code auditing.
• Experience developing proof of concept exploits for common vulnerabilities.
• Programming background in C, C++, and Python

PREFERRED QUALIFICATIONS

• Knowledge of modern anti-exploitation mitigations and their effectiveness.
• Reverse engineering using tools such as IDA Pro or Ghidra
• Knowledge of macOS and iOS security architectures.
• Knowledge of memory safe languages.
• Proficiency with assembly languages, ARM64 is a big plus.

• Background in secure coding and code auditing.
• Experience developing proof of concept exploits for common vulnerabilities.
• Programming background in C, C++, and Pytho