Software Development Engineer - Security
Job Description
Summary
The Core Platform team within Apple's CoreOS organization brings Apple’s iPhone, iPad, iWatch, Mac, and Home products to life. The ROMs and firmware we develop are at the foundation our devices’ security. We are looking for a motivated software engineer to bring our firmware security to the next level. Your work will have a real impact on Apple products and features, from the software down to the silicon. As an Apple employee, you'll be part of a company whose commitment to user privacy is at the heart of everything we do. You'll be surrounded by the most creative, passionate, and talented engineers in the industry, constantly being challenged to go beyond the norm to find new, innovative ways of solving problems and to make devices safer and secure.
Description
In this role...
* Work with the Product & System Security teams in implementing the security patches
* Contribute to the software and hardware roadmap for new security features on a range of platforms, including iPhone, iPad, Mac, Apple Watch, and Home products.
* Assist with audit of security critical code and hardware, review and implement patches.
* Create tools that help automate security verification, testing.
* Improve firmware architecture and APIs to build security into the core.
* Deploy security mitigations suitable for use in an embedded environment.
* Work with multi-functional teams to extend secure boot technologies.
* Collaborate with testing organizations to verify security features and fuzz for vulnerabilities.
* Work with the Product & System Security teams in implementing the security patches
* Contribute to the software and hardware roadmap for new security features on a range of platforms, including iPhone, iPad, Mac, Apple Watch, and Home products.
* Assist with audit of security critical code and hardware, review and implement patches.
* Create tools that help automate security verification, testing.
* Improve firmware architecture and APIs to build security into the core.
* Deploy security mitigations suitable for use in an embedded environment.
* Work with multi-functional teams to extend secure boot technologies.
* Collaborate with testing organizations to verify security features and fuzz for vulnerabilities.
Minimum Qualifications
- A passion for embedded development and security
- Understanding of software vulnerabilities and mitigations
- Experience with secure boot and related cryptographic applications for platform security, principles and use of cryptographic primitives and protocols.
- Background in secure coding and code auditing.
Preferred Qualifications
- Direct experience in the overlap between software and hardware security, and firmware/software technologies.
- Familiarity with modern processor architecture.
- Experience designing and architecting systems with security in mind.
- Have an understanding of past, current, and emerging security exploit types.
- Experience in creating working proof of concepts from found vulnerabilities on systems with advanced anti exploitation measures (e.g. ASLR).
- Exposure to kernel programming.