Security Applications Engineer, Apple Retail
Austin , Texas , United States
Software and Services
Posted: Mar 29, 2021
Weekly Hours: 40
Role Number: 200151108
Our scope includes everything from customer interaction within Retail Stores and the Online Store, to enterprise services like retail payment systems that support our physical and online storefronts. Conduct architecture security review, application testing, and penetration testing modeled after real world attackers (i.e., exploit and pivot).
- Experience manually testing web applications or enterprise penetration testing
- Experience with a scripting language (e.g. perl, python, PHP, ruby) and a programming language (e.g. JAVA, Objective C)
- Proficiency in either Mac OS X and/or other flavors of UNIX
- Ability to explain basic networking concepts (routing, ACL, load balancers, SSL/TLS, TCP) in order to provide application architecture feedback
- Background in web application development and/or code auditing strongly preferred
- Strong verbal & written communication skills
- Passion for discovering and researching new vulnerabilities and exploitation techniques
Conduct security architecture review of the full stack including applications built on cloud and emerging technologies. Conduct manual application security testing and source code auditing for a variety of technologies. Provide clear and detailed risk assessment and remediation guidelines for developers and business owners. Conduct penetration testing targeting critical Apple data, services, and environments. Report underlying security issues and propose enhanced security protections. Other responsibilities include:
Security research on the latest best practices, trends, threats and vulnerabilities, and technology frameworks
Documenting and disseminating security guidelines for common security issues, remediation guidance, and security technology baselines
Develop tools and exploits to support application security review and/or penetration testing We work cross-functionally with teams Apple wide providing security consulting services and driving new security initiatives. Our talented team of security professionals is a key to our success.
Education & Experience
Prefer: BS in Computer Engineering with specialization in Information Security or 4+ years of equivalent, hands-on information security experience in a large enterprise environments a plus.