Spanish bilingual and Hispanic jobs since 1997. Diversity job fairs since 2006. employers     login   |   register - post a job
Hispanic Diversity Recruitment - best jobs for hispanic, latino & bilingual (spanish & portuguese) jobseekers
HOME
    Log me in!   |   Site Map   |   Help   
 Application Security Engineer, Ad Platforms - Austin, Texas, United States

   
Job information
Posted by: Apple 
Hiring entity type: Retail 
Work authorization: Not Specified for United States
Position type: Direct Hire, Full-Time 
Compensation: ******
Benefits: See below
Relocation: Not specified 
Position functions: Computers - Platforms
 
Travel: Unspecified 
Accept candidates: from anywhere 
Languages: English - Fluent
 
Minimum education: See below 
Minimum years experience: See below 
Resumes accepted in: English
Cover letter: No cover letter requested
Job code: 200230100 / Latpro-3778139 
Date posted: Mar-11-2021
State, Zip: Texas, 78729

Description

Application Security Engineer, Ad Platforms

Austin , Texas , United States

Software and Services

Summary

Posted: Mar 11, 2021

Role Number: 200230100

At Apple, we work every day to create products that enrich people's lives. The Advertising Platforms group makes it possible for people around the world to easily access informative and imaginative content on their devices while helping publishers and developers promote and monetize their work. Today, our technology and services power advertising in Search Ads in the App Store and Apple News. Our platforms are highly-performant, deployed at scale, and setting new standards for enabling effective advertising while protecting user privacy. We are seeking an application security engineer who is passionate about protecting critical both internal and customer-facing applications and APIs. You will collaborate with engineering leaders, developers, quality engineers, and security teams to secure Ad Platforms' applications and services, present and future. Responsibilities include assessing the risk landscape for products, and helping drive risk mitigation. You will work with partner teams on security tools, penetration testing, and security testing methodologies to keep Ad Platforms services secured. You will experience a rapidly evolving technology and threat landscape and contribute to the education of teams on compliance activities throughout the development lifecycle. You should expect to be exposed to a broad range of systems, including web applications, big data, distributed processing, and virtualized environments.

Key Qualifications

  • Passionate about Application Security with 4+ years of relevant experience
  • Deep understanding of web application security threats, exploits, prevention (SQL Injection, XSS, CSRF, platform hardening, etc)
  • Ability to triage, reproduce, and recommend remediations for vulnerabilities
  • Proficient with a scripting language (e.g., Python, Bash, Go).
  • Proficiency with Java and Javascript
  • Experience in penetration testing and with tools such as Burp or Zap
  • Passion for understanding and researching vulnerabilities and exploitation techniques
  • Knowledge of development and integration tools and technologies (e.g. CI/CD)
  • Knowledge of tools including static code analysis and dynamic application scanning (e.g. SonarQube, Qualys)
  • Knowledge of test automation frameworks and how they can be leveraged for security QE
  • Knowledge of networking concepts (firewalls, load balancers, etc)
  • Prior experience/background in web application development
  • Practical knowledge of cryptography and common attacks against modern cryptographic algorithms (encryption at rest, TLS, hashing, etc)
  • Keeping up with industry trends in security technology and threats
  • Experience securing applications in public cloud (e.g. AWS, Azure, Google Cloud)
  • Excellent communication, interpersonal and collaboration skills

Description

IN THIS EXCITING ROLE, YOUR RESPONSIBILITIES WILL INCLUDE: - Conducting security architecture reviews of the application stack, including applications built on cloud and emerging technologies - Performing security/penetration testing on new applications, products, and features before they are released - Reviewing source code for potential security issues - Designing and automating security test cases to check for vulnerabilities or broken/missing security controls - Providing specific risk assessment and remediation guidelines for developers and business owners - Triaging and reviewing findings from security tools, including static and dynamic scanners - Researching the latest security best practices, trends, threats and vulnerabilities, and technology frameworks - Documenting and disseminating security guidelines for common security issues, remediation guidance, and security baselines - Working with developers to provide security guidance and mentor them on secure development practices - Developing tools and exploits to support security testing - Writing automations to streamline common tasks, tests, workflows, etc.

Education & Experience

Relevant BA/BS degree and/or certifications (CRISC, CISSP, CCIE, CISM, CISA, CCSK)or equivalent experience.



Requirements

See job description

 

Apple requires you to fill in their on-line form which will open in a different window.

Enter your email address and click 'Apply':
       Apply
  Prefer not to enter your email?