Canberra, Australian Capital Territory, Australia
Security Engineering & Architecture (SEAR) is at the core of Apple's product security strategy, and we're fanatical about protecting our users. We are building a new team to defend our most valuable security boundaries and mitigations by bringing new data-driven insights delivered at scale. We're looking for an outstanding Security Engineer to join our small, fast-paced team to help implement our renewed strategy to achieve continuous security policy enforcement and rapid regression detection.
As a Security Engineer, you will design and develop security automations to support the rollout of new security technologies and uphold the effectiveness of existing security boundaries and mitigations. The role is expansive, covering opportunities for impact across the entire software development lifecycle. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, continuous security assurance is paramount. Can you make a difference on this scale? Join our extraordinary team of security engineers and help protect all Apple users.
DescriptionYou will be part of the foundational team who partners with security engineering teams to determine the data-driven insights and automations we need to build, to enforce security invariants and policies continuously, in order to provide high confidence in the integrity of our frontline mitigations and boundaries. Once regressions or violations are detected, the team is also responsible for ensuring we've built the right relationships, agreements, and processes to efficiently get these fixed as quickly as possible.
We're a small team of passionate engineers who thrive in a fast-paced environment, driven by unique and novel challenges, and deliver things that go beyond what traditional automation could do. You will be working alongside a wide variety of teams, and your influence will be felt throughout Apple's extraordinary products, including: the iPhone, Apple Vision Pro, Mac, and Apple TV.
We're looking for someone with a strong understanding of security engineering principles, software delivery, and secure SDLC; and an understanding of the engineering challenges, organisational dynamics, and the process trade-offs of building a continuous security capability. If you enjoy creative, critical, and independent thinking, we'd love to hear from you.
The job is as diverse as it is essential. Your responsibilities will also include harnessing a vast array of available build data (dynamic and static) to derive meaningful security insights, learning how our software is built end-to-end at Apple to determine the most impactful intervention points, partnering with infrastructure engineers to get your automations deployed to production, and helping engineers that work on Apple products to make better - more secure - choices during development. This position may require some travel to other Apple sites, vendors, and security conferences.
Minimum QualificationsProven experience building and integrating security-enforcing controls across the full software lifecycleProgramming background in Python, Swift, C, C++, and/or Objective-CKnowledge of OS security fundamentals including contemporary mitigation techniques and vulnerability classesExceptional ability to communicate clearly and effectively about technical topics (verbal and written)Preferred QualificationsKnowledge of macOS and iOS security architecturesKnowledge of observability tools and techniquesExperience building visualisations for complex technical informationEnthusiasm for new technologies and growthExperience driving security projects to identify software regressionsExperience with CI/CD integrations, binary analysis, telemetry analysis, build verifiers, IDE and compiler security plug-ins and/or engineer security training #J-18808-Ljbffr