Red Team Platform and Hardware Security Researcher

Apple•Cupertino, CA

About The Position

Red Team Platform and Hardware secures the hardware/software boundary for all of Apple’s products, focusing on operating systems, kernel, firmware, and user data protection. We’re looking for a skilled, driven individual inspired to design and implement key systems, owning the architecture, implementation decisions, and validation methodology, as well as perform security reviews of existing designs. You’ll become part of an outstanding team dedicated to securing low-level technologies such as the boot ROMs, firmware, and iOS and macOS kernel for our chipsets, such as Apple Silicon and wireless. You’ll work with a wide variety of teams and vendors who are equally committed to great work, and your influence will be felt throughout Apple's extraordinary products, such as the iPhone, iPad, Mac and AirPods. We design and secure software for hundreds of millions of users. We make products that people LOVE. We are committed to user privacy and security. We have some of the most creative, passionate, hardworking engineers in the industry. We challenge each other to go beyond the norm to find new, innovative ways of solving problems and to make software safer, easier, and more fun to use. Not many jobs can offer all of these things. Security engineering jobs at Apple do, and much more. DESCRIPTION Our team focuses on security improvements for Apple’s various platforms and the hardware that supports them, as well as building security tools to provide high assurance. We reverse engineer exploits, provide insightful analysis, implement innovative security features, consult with other teams on both hardware and software, audit code, and review designs. We are seeking someone with strong technical expertise and a passionate desire to secure low-level systems by showing how they can be broken. You’ll be working alongside teammates with diverse technical backgrounds including mobile and console research, binary instrumentation, SoC microarchitecture, compiler development, applied fault injection, and more. If you have your own area of fascination and a love of low-level security, you’ll find yourself right at home!

Requirements

A proven track record in finding security vulnerabilities in shipping products and/or designing platform security countermeasures.
Programming background in C, C++, and/or Objective-C.
Proficiency in scripting language(s) such as Python.
Proficiency with assembly languages, ARM a big plus.
Familiarity with modern processor and SoC architecture.
Background in secure programming patterns and code auditing.
Have an understanding of past, current, and emerging security exploit classes.
Proficiency with operating system internals, especially macOS, iOS, or other flavors of UNIX
Have the ability to track and lead multiple parallel projects.
Familiarity with collaborating with partner teams in hardware, software, and product groups to define and deliver rigorous security features
Relevant experience or education, such as performing security research and analysis or a Bachelor's degree in Computer Science or related field.
We are open to strong candidates with no formal education.

Nice To Haves

Experience creating working proof of concepts from found vulnerabilities on systems with advanced countermeasures (ASLR, TZ, PAC, etc).
Exposure to kernel or driver programming.
Reverse engineering using tools such as IDA Pro.
Familiarity with the principles and use of cryptographic primitives and protocols.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume