Software Development Engineer Security, Enterprise Technology Services

Overview

Do you love working on highly scalable and secure distributed applications? The Product Engineering Systems team is looking for dedicated hands-on Security Engineers who are not afraid to share knowledge, think creatively, and question assumptions. You will be part of a cohesive, fast-moving team responsible for various systems supporting Apple’s R&D organizations. Bring passion and dedication to the job, and there’s no telling what you could accomplish!

We are seeking a motivated and technically adept Security Engineer to join our Software Engineering team. As a key member of our security-focused initiatives, you will contribute to the development, implementation, and maintenance of security measures within our software systems. This role provides an excellent opportunity for professional growth in the field of cybersecurity.

• Software Security Development:
  Collaborate with the software development team to integrate security best practices into the software development lifecycle. Implement and review secure coding practices to identify and remediate vulnerabilities.
• Threat Modeling:
  Conduct threat modeling exercises to identify potential security risks in software applications. Work closely with development teams to prioritize and address security concerns based on threat assessments.
• Code Review and Analysis:
  Perform regular code reviews to identify and mitigate security vulnerabilities. Utilize static and dynamic analysis tools to assess the security posture of software code.
• Incident Response:
  Assist in responding to security incidents, conducting investigations, and implementing corrective actions. Work collaboratively with the incident response team to improve incident detection and response capabilities.
• Security Awareness:
  Contribute to security awareness training for software development teams. Stay updated on the latest security trends, vulnerabilities, and industry best practices.
• Analytical & Automation Mindset:
  Bring strong analytical skills to address complex security challenges and derive actionable insights. An automation mindset is valued to automate security processes, improve efficiency, and reduce manual errors.
• Innovation:
  Support the use of new technology to improve creative output and security capabilities.

• Programming/scripting skills and ability to read and audit various programming languages (e.g., Java, JavaScript, Python).
• Strong knowledge of network security, encryption protocols, access control, and identity management.
• Ability to conduct security assessments, vulnerability scans, and penetration tests.
• Experience with cloud security principles and technologies, including container security.

• Familiarity with security incident response and root cause analysis.
• Knowledge of software development lifecycle (SDLC) security practices.
• Experience integrating and automating security checks into CI/CD pipelines.
• Hands-on experience with security technologies and tools, including IAST and DAST.
• Experience with security audits, compliance assessments, and remediation efforts.
• Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+.
• Bachelor’s degree in Computer Science, or equivalent practical experience.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant. Apple accepts applications to this posting on an ongoing basis.