Job Description
Help Apple secure the world’s most advanced consumer devices which people trust to store their personal and professional data. We believe that the best defense is a good offense, and that that means finding vulnerabilities before the community does. We're looking for dedicated and inspired individuals to join our team and attack Apple's products, with the goal of better safeguarding our users. The job involves performing security reviews of low level software and hardware, side channel and fault attacks on SoC hardware, and research into advanced physical attacks.
Description
Customers’ security, privacy, and safety are very important to Apple. Your job will be to analyze our products and attempt to break them in ways that could undermine these goals, including when the attacker is in possession of the Apple device. In order to do that, you will be required to:
- Examine embedded systems and find security vulnerabilities in Apple or 3rd party firmware and bootloaders. Develop tools to automate or focus the effort of performing such security reviews
- Examine new Apple silicon security features and demonstrate if/how they can be defeated
- Perform physical attacks on hardware in a lab environment
- Propose new ideas for security hardening and mitigations
- Stay abreast of modern hacking techniques against Apple products, including those where the attacker is in close proximity or possession of the device
Minimum Qualifications
Key Qualifications
- Ability to find software security vulnerabilities through static and dynamic analysis
- Programming background in C, C++, Python
- Good understanding of SoC architecture and hardware security primitives
- Familiarity with assembly and ARM instruction set
- An understanding of past, current, and emerging security exploit types
- Familiarity with secure bootloaders
- Team player with good interpersonal skills
Preferred Qualifications
Education & Experience
B.S. and a minimum of 3 years relevant industry experience. B.S. or M.S. in Computer Science or Engineering, or proven track record as a Security Researcher or Security Analyst is preferred
Additional Requirements
- - Proficiency in real time operating system internals
- - Experience with side channel analysis (SCA) and fault injection (FI) attacks
- - Ability to work in a lab environment with some familiarity with standard electronics equipment
- - Good understanding of the principles and use of cryptographic primitives and protocols
- - Reverse engineering capabilities + working knowledge in IDA
Pay & Benefits
- At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $143,100 and $264,200, and your base pay will depend on your skills, qualifications, experience, and location. Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits. Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.
- Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.
Customers’ security, privacy, and safety are very important to Apple. Your job will be to analyze our products and attempt to break them in ways that could undermine these goals, including when the attacker is in possession of the Apple device. In order to do that, you will be required to:
- Examine embedded systems and find security vulnerabilities in Apple or 3rd party firmware and bootloaders. Develop tools to automate or focus the effort of performing such security reviews
- Examine new Apple silicon security features and demonstrate if/how they can be defeated
- Perform physical attacks on hardware in a lab environment
- Propose new ideas for security hardening and mitigations
- Stay abreast of modern hacking techniques against Apple products, including those where the attacker is in close proximity or possession of the device B.S. and a minimum of 3 years relevant industry experience. B.S. or M.S. in Computer Science or Engineering, or proven track record as a Security Researcher or Security Analyst is preferred
Job Tags
Relocation,