Security Engineer, G&A Solutions Engineering (GSE)

Apple is where individual creativities capture together, contributing to the values that lead to phenomenal work. Every new product we build, service we compose, or Apple Store experience we deliver is the result of us making each other's ideas stronger. That happens because every one of us shares a belief that we can make something wonderful and share it with the world, changing lives for the better. It's the diversity of our people and their thinking that encourages the innovation that runs through everything we do. When we bring everybody in, we can do the best work of our lives. Here, you'll do more than join something - you'll add something.

Description

We are an embedded security team in Corporate Systems Engineering within IST responsible for the security of 100+ applications. Our focus is to develop tools and technologies and establish security guidelines in accordance with Apple Information Security guidelines. We embrace a ShiftLeft attitude to secure the entire SDLC lifecycle of our applications. We are looking for an expert security engineer with strong technical abilities who is passionate about keeping applications secure. You will become part of an outstanding team solving outstanding challenges and your work will have a direct positive impact on the security of myriad products.

","responsibilities":"Conduct security architecture reviews and threat modeling of various applications

Implement security penetration tests across diverse applications, simulating attack scenarios to assess efficacy of security controls and provide recommendations for remediation

Improve the security posture of multiple applications by working with developers, engineers, and other multi-functional teams

Design and develop innovative tools and products for increasing security and providing ready access to security metrics for multiple applications

Conduct code and design reviews to proactively identify security vulnerabilities in implementation

Establish security protocols and promote their adoption across multiple teams

Preferred Qualifications

Experience with OSWA, PenTest+, or OSCP certification

3+ years proven experience with penetration testing

Solid technical expertise using high-level programming language like Java, or Python and solid understanding of various operating systems and networks, especially experience with Linux

Proficient in building tools and scripting automations

Experience with cloud technologies is a plus

Minimum Qualifications

3+ years experience specializing in testing web applications

3+ years experience in conducting security architecture reviews and threat modeling

Bachelor's or Masters degree in Computer Science or Computer Engineering or equivalent work experience

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant .