Job Description

Locations

• Cupertino, California, United States 95014

Salary

Skills Required

• design and implement key systemsintermediate
• owning the architectureintermediate
• implementation decisionsintermediate
• validation methodologyintermediate
• perform security reviewsintermediate
• securing low-level technologiesintermediate
• reverse engineer exploitsintermediate
• provide insightful analysisintermediate
• implement innovative security featuresintermediate
• consult with other teamsintermediate
• audit codeintermediate
• review designsintermediate
• hardware and firmware security design assistanceintermediate
• audit security critical firmware and hardwareintermediate
• create tools that help automate security verificationintermediate
• create tools that help automate testingintermediate
• create tools that help automate researchintermediate
• binary instrumentationintermediate
• SoC microarchitectureintermediate
• compiler developmentintermediate
• applied fault injectionintermediate

Required Qualifications

• A proven track record in finding security vulnerabilities in shipping products and/or designing platform security countermeasures. (experience)
• Programming background in C, C++, and/or Objective-C. Additionally, must have proficiency in scripting language(s) such as Python. (experience)
• Proficiency with assembly languages, ARM a big plus. (experience)
• Familiarity with modern processor and SoC architecture. (experience)
• Background in secure programming patterns and code auditing. (experience)
• Have an understanding of past, current, and emerging security exploit classes. (experience)
• Proficiency with operating system internals, especially macOS, iOS, or other flavors of UNIX (experience)
• Have the ability to track and lead multiple parallel projects. (experience)
• Familiarity with collaborating with partner teams in hardware, software, and product groups to define and deliver rigorous security features (experience)
• Relevant experience or education, such as performing security research and analysis or a Bachelor's degree in Computer Science or related field. We are open to strong candidates with no formal education. (experience)

Preferred Qualifications

• Experience creating working proof of concepts from found vulnerabilities on systems with advanced countermeasures (ASLR, TZ, PAC, etc). (experience)
• Exposure to kernel or driver programming. (experience)
• Reverse engineering using tools such as IDA Pro. (experience)
• Familiarity with the principles and use of cryptographic primitives and protocols. (experience)

Responsibilities

• Our team focuses on security improvements for Apple’s various platforms and the hardware that supports them, as well as building security tools to provide high assurance. We reverse engineer exploits, provide insightful analysis, implement innovative security features, consult with other teams on both hardware and software, audit code, and review designs. We are seeking someone with strong technical expertise and a passionate desire to secure low-level systems by showing how they can be broken.
• You’ll be working alongside teammates with diverse technical backgrounds including mobile and console research, binary instrumentation, SoC microarchitecture, compiler development, applied fault injection, and more. If you have your own area of fascination and a love of low-level security, you’ll find yourself right at home!
• In this role you will...
• - Provide hardware and firmware security design assistance
• - Audit security critical firmware and hardware.
• - Create tools that help automate security verification, testing, or research.
• - Reverse engineer exploits, if necessary.
• - This position may require occasional travel to other Apple sites, vendors, and security conferences.

Tags & Categories