Systems & Kernel Software Engineer, SEAR

Apple•Cupertino, CA

About The Position

The SPEAR Systems & Kernel team in Apple's Security Engineering & Architecture organization is hiring a collaborative systems engineer with a drive to improve the security of end user devices. We take on software engineering projects to make progress on Apple's most pressing security challenges, anywhere in the lower layers of the stack: bootloaders, drivers, firmware, and the kernel. Our goal is to eliminate whole classes of software vulnerabilities, securing our systems against even the most advanced and well-resourced adversaries. We've done wholesale rewrites of codebases into memory safe languages, deployed static and dynamic analysis to prevent bugs, and undertaken bespoke rearchitecture of critical codebases. We continue to refine our approach to best protect our users against rapidly evolving threats.

Requirements

BS in Computer Science or a related field, or equivalent experience.
Working knowledge of C and expertise in one or more systems programming languages (C, C++, Rust, Zig, or Swift).
Experience writing low-level software, such as kernels, drivers, firmware, bootloaders, hypervisors, or runtimes.
Understanding of how low-level code is compiled to machine code and interacts with hardware.
Experience with, or an interest in, software security.
Strong written and verbal communication.

Nice To Haves

Understanding of the security properties of common systems languages.
Understanding of common vulnerability exploitation and mitigation techniques.
Experience designing, implementing, or evaluating software security mitigations.
Deep expertise in C programming.
Experience using LLMs to accelerate security engineering.
Experience with compiler security features, static analysis, or fuzzing.
Contributions to open-source systems or security projects.

Responsibilities

Partner with teams across the lower layers of the software stack to design security defenses that meaningfully improve the security of Apple devices.
Collaborate on a design that upholds a high security standard without compromising on system performance or user experience.
Ramp up on partner team's codebase and implement the design.
Design the hardening approach for a given codebase, from surgical adoptions of memory safety technologies, to mitigation deployment, to broad refactors that reorient key system components.
Ramp quickly on unfamiliar codebases and writing production-quality low-level code in C, C++, or Swift.
Balance security goals against the realities of working on code that ships to hundreds of millions of devices: performance, memory footprint, compatibility, and reliability.
Test thoroughly, debug carefully, and partner with QA on end-to-end validation.
Use modern tooling, including LLMs, where it helps us move faster, while applying the systems and security depth needed to evaluate what those tools produce.
Create the documentation and training materials the partner team needs to maintain and build on the changes.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume