Job Description
Embedded within Apple’s Security Engineering & Architecture organization, our team’s mission is to ensures secure runtime environments for our firmware, constrained, and isolated compute environments, so that we can protect sensitive user assets and prevent advanced attacks against our customers. We're looking for an outstanding Firmware Security Researcher to join our exceptional team whose focus is on securing the lowest level of our system to create secure and privacy preserving products that billions of users trust.
As a Firmware Security Researcher, you will work with cutting edge technology alongside some of the most creative, passionate, hardworking engineers in the industry; collaborating with teams from software, hardware, user privacy, design, and more. Your influence will be felt throughout Apple's extraordinary products, including: the iPhone, Apple Vision Pro, Mac and Apple TV. Our team challenge and learn from each other to go beyond the norm to find new, innovative ways of solving problems and making our software, hardware, and customers safer. Not many jobs can offer all of these things. Security engineering jobs at Apple do, and much more.
Description
The role of a Firmware Security Researcher is as diverse as it is essential, you will lead research and analysis in identifying vulnerabilities and trends across our platforms, invent new defensive technologies to eliminate entire classes of issues, and drive the delivery of security mitigations in collaboration with our partner engineering teams.
A typical day in the role may include:
* Evaluating security-critical aspects of our products, from system architecture to code review, from product features definition to circuit layout
* Providing security focused consultations to partner teams on new features and technologies
* Developing intelligent automated tools for security analysis, verification, and regression defence
* Identifying threats and driving the development of mitigations to prevent them
* Challenging existing mitigation techniques through evaluation and proof of concept exploitation
* reverse engineering exploits, if necessary
This position may require some travel to other Apple sites and vendors.
Minimum Qualifications
Familiarity with firmware and embedded system technologies
Experience with secure programming and code auditing
Knowledge of modern anti-exploitation mitigations and their effectiveness
Background in firmware or systems programming, ideally in C, C++, or another systems programming language
Excellent communication skills
Preferred Qualifications
Ideas and enthusiasm for using AI to fundamentally change the field of security engineering
Proficiency with threat modelling complex systems
Background in software exploitation
Familiarity with operating system internals, especially macOS, iOS, or other flavours of UNIX
Experience with memory safe programming languages and/or techniques