About The Position
Help Apple secure the world’s most advanced consumer devices, which people trust to store their personal and professional data. We believe that the best defense is a good offense, and that means finding vulnerabilities before attackers do. We're looking for talented and inspired individuals to join our team and attack Apple's products with the goal of better safeguarding our users. We are looking for a Senior Security Researcher to join our specialized Red Team. In this role, you will focus on the complex boundary where hardware meets software. You will hunt for vulnerabilities in the microarchitecture, memory management, and execution pipelines of modern CPUs and GPUs, as well as in the low-level code which runs on it. If you enjoy bridging the gap between hardware primitives and kernel-level exploits, and have a passion for uncovering side-channels or architectural logic flaws, this is the team for you.
Requirements
- Strong understanding of modern CPU architectures (pipeline stages, caching mechanisms, MMU, speculative execution).
- Extensive familiarity with ARM v8/v9 or x86 instruction sets.
- Proven understanding of GPU architectures (execution pipelines, memory hierarchies) and how software interfaces with them (e.g., driver vulnerability research, compute batching, memory isolation).
- Proficiency in C, C++, and Assembly.
- Deep understanding of operating system internals, kernel architecture, and memory management.
- Demonstrable experience in discovering vulnerabilities or developing exploits at the OS/Hypervisor level, or in hardware-software interfaces (CVEs, bug bounties, conference talks, or whitepapers).
Nice To Haves
- Experience with hardware description languages (Verilog/VHDL) or pre-silicon security validation.
- Experience with confidential computing environments.
- Familiarity with the security implications of AI/ML hardware accelerators and complex GPU workloads (e.g., memory handling in PagedAttention or Mixture of Experts).
- Familiarity with reverse engineering tools (IDA Pro, Ghidra) and dynamic analysis/debugging tools.
Responsibilities
- Design and execute targeted adversarial campaigns against the hardware/software interface of modern SoCs, specifically focusing on CPU and GPU.
- Conduct deep-dive vulnerability research into microarchitectural behaviors, side-channels, and hardware-assisted security features.
- Develop proof-of-concept exploit chains that bridge hardware vulnerabilities into kernel space, demonstrating real-world impact.
- Analyze GPU driver interfaces, command processors, and execution units, particularly in the context of modern compute workloads and hardware acceleration.
- Evaluate and attempt to bypass modern hardware mitigations (e.g., Pointer Authentication, Memory Tagging, virtualization boundaries).
- Partner with hardware engineering and software kernel teams to translate your red team findings into robust, architectural-level mitigations.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
