Job Description

Summary



Posted: 23 Aug 2024




Weekly Hours: 40




Role Number: 200558613



Imagine what you could do here. At Apple, great ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job; there's no telling what you could accomplish. As a security engineer in Retail Engineering, you'll be responsible for securing the Apple Online Store and flagship retail stores, through to business-critical backend customer and payment systems. Along the way you'll be expected to grasp the security implications of emerging technologies such as machine learning and cloud.




Description



- Perform threat models and architecture reviews of complex projects - Conduct penetration testing against a wide variety of technologies. Ability to communicate these findings in high-quality reports and presentations - Provide guidance and education to partnering teams - Build relationships, influence and improve security culture via various initiatives (presentations, training, etc) - Participate in, or lead Red Team operations against large organizations within Apple - Support partnering blue teams in responding to threats and enhancing detections - Develop tooling to support primary responsibilities - Deliver security campaigns and initiatives to improve the security posture of the organization




Minimum Qualifications

• Experience performing threat models or architecture reviews
• Strong ability to penetration test application, infrastructure and cloud environments.
• Strong understanding of fundamental networking and security concepts
• Programming/scripting skills, and ability to read and audit various programming languages, (Go, Java, JavaScript, Python etc)
• Proficiency in MacOS and other Unix based systems
• Knowledge of cloud architecture and security



Preferred Qualifications

• BSc in Computer Science or equivalent
• OSCP or OSWE certification
• Experience with CTFs or hacking labs
• Experience securing and pentesting mobile applications
• Experience participating in or leading red teams or similar offensive security engagements
• Publications, security research, bug bounties or CVEs are highly regarded
• Experience presenting to technical and non technical audiences
• Passion for information security
• Ability and motivation to learn new skills, concepts and technologies
• Excellent written and verbal communication skills
• Ability to take ownership of security problems, and drive remediation to competition
• Self-motivated, able to work individually and as part of a global team
• Ability to grasp large sophisticated systems and context-switch when needed
• Ability and willingness to work both from the office and from home
• Some international travel may be required