Firmware Security Researcher, SEAR

Apple 

📍 Cupertino, United States 🇺🇸

full-time
mid-level
Posted —

Key Skills

firmwaresecurityvulnerabilitiesprogrammingautomation

Industry

Consumer ElectronicsSecurity & Surveillance

Job Description

Embedded within Apple’s Security Engineering & Architecture organization, our team’s mission is to ensures secure runtime environments for our firmware, constrained, and isolated compute environments, so that we can protect sensitive user assets and prevent advanced attacks against our customers. We're looking for an outstanding Firmware Security Researcher to join our exceptional team whose focus is on securing the lowest level of our system to create secure and privacy preserving products that billions of users trust. As a Firmware Security Researcher, you will work with cutting edge technology alongside some of the most creative, passionate, hardworking engineers in the industry; collaborating with teams from software, hardware, user privacy, design, and more. Your influence will be felt throughout Apple's extraordinary products, including: the iPhone, Apple Vision Pro, Mac and Apple TV. Our team challenge and learn from each other to go beyond the norm to find new, innovative ways of solving problems and making our software, hardware, and customers safer. Not many jobs can offer all of these things. Security engineering jobs at Apple do, and much more.
Description

The role of a Firmware Security Researcher is as diverse as it is essential, you will lead research and analysis in identifying vulnerabilities and trends across our platforms, invent new defensive technologies to eliminate entire classes of issues, and drive the delivery of security mitigations in collaboration with our partner engineering teams. A typical day in the role may include: * Evaluating security-critical aspects of our products, from system architecture to code review, from product features definition to circuit layout * Providing security focused consultations to partner teams on new features and technologies * Developing intelligent automated tools for security analysis, verification, and regression defence * Identifying threats and driving the development of mitigations to prevent them * Challenging existing mitigation techniques through evaluation and proof of concept exploitation * reverse engineering exploits, if necessary This position may require some travel to other Apple sites and vendors.
Minimum Qualifications

Familiarity with firmware and embedded system technologies Experience with secure programming and code auditing Knowledge of modern anti-exploitation mitigations and their effectiveness Background in firmware or systems programming, ideally in C, C++, or another systems programming language Excellent communication skills
Preferred Qualifications

Ideas and enthusiasm for using AI to fundamentally change the field of security engineering Proficiency with threat modelling complex systems Background in software exploitation Familiarity with operating system internals, especially macOS, iOS, or other flavours of UNIX Experience with memory safe programming languages and/or techniques