Offensive Security Researcher, Kernel & Embedded Security

Apple's Security Engineering & Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we take an offensive approach to defense - finding and fixing vulnerabilities before they can be exploited. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first.

Can you make a difference on this scale? Join our extraordinary team of security researchers and help protect all Apple users.

Description

We engage in various activities, including vulnerability research, binary exploitation, security tooling development, fuzzing, machine learning, and many more. By developing and harnessing state-of-the-art technologies, we amplify our impact on Apple's product security.

In this role, your primary focus will be on the kernel and embedded layers of Apple platforms. You will conduct offensive security research across operating system kernels, boot ROMs, firmware, secure enclaves, and other low-level components that form the foundation of our security architecture. You will work in cross-functional teams alongside other researchers and engineering teams to evaluate and strengthen the most privileged layers of our products.

This job is for individuals with outstanding technical skills, grit, and a genuine passion for breaking systems - so we can build them stronger.

If this is you, we'd love to hear from you.

In-office roles in Paris, Cupertino, and other locations. Remote considered for experienced candidates.

Preferred Qualifications

Deep knowledge of kernel internals, including virtual memory management, system call interfaces, and driver frameworks

Experience with firmware and boot ROM security analysis, including secure boot chains and hardware trust anchors

Familiarity with embedded processors and coprocessors security (e.g., Secure Enclave, DMA-capable peripherals, baseband)

Fluency with tool development, using programming languages such as C, C++, Python, Swift, or Objective-C

Experience with reverse-engineering techniques and tools like IDA or Ghidra

Knowledge of Apple operating systems like iOS or macOS is nice-to-have, but not required

Minimum Qualifications

Proven experience in vulnerability research targeting operating system kernels, firmware, or embedded components

Strong understanding of low-level vulnerability classes and exploitation techniques, such as memory corruption, race conditions, and use-after-free

Ability to apply AI techniques and tools, such as LLMs or Machine Learning, for security research

Outstanding collaboration skills

Pay & Benefits

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $147,400 and $272,100, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses - including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.