As a Senior Security Engineer in Retail Engineering, you'll play a pivotal role in securing Apple's Retail and Online Store ecosystem - from flagship customer experiences to the critical backend systems that support transactions, customer data, and operational infrastructure.
Description
* Influence the development of secure architecture through security requirements, architecture reviews, and threat modelling.
* Act as a security partner to engineering teams, embedding yourself into their workflows and guiding secure-by-design principles.
* Build and maintain trusted relationships across engineering, product, and security functions.
* Conduct red team engagements that simulate real-world threats, then translate findings into actionable insights and learning opportunities for engineering teams.
* Perform in-depth security assessments and technical deep dives across a broad spectrum of technologies, ranging from web applications to cloud infrastructure, cryptographic protocols to AI and machine learning.
* Develop and maintain custom tools to enable a more effective, efficient, and scalable security program.
* Deliver technical guidance, workshops, and training sessions to upskill engineering teams in secure development practices.
* Drive security initiatives aimed at measurably improving the organization's security posture.
* Thrive in a fast-paced environment with shifting priorities, seamlessly context-switching across multiple projects, technologies, and threat landscapes.
Apple is seeking candidates who have:
* A passion for information security.
* Proven experience collaborating with engineering teams to integrate security throughout the software development lifecycle.
* Deep technical understanding of web, infrastructure, mobile, network, and cloud security principles.
* Adaptability and curiosity to learn new technologies, platforms, and threat landscapes.
* Proficiency in scripting and programming (e.g., Go, Java, JavaScript, Python).
Additional Requirements
* Ability and willingness to work both from the office and from home.
* Occasional international travel may be required.
Minimum Qualifications
* Experience in a security engineer, security consultant, security architect, penetration tester, or similar role.
* Expertise in threat modelling, secure architecture design, and reviewing complex systems.
* Strong capability in penetration testing applications, infrastructure, and cloud environments.
* Excellent written and verbal communication skills.
Preferred Qualifications
* Bachelor's degree in Computer Science or related field (or equivalent experience).
* Relevant certifications (e.g., OSCP, OSWE).
* Experience with CTFs, bug bounty programs, or published research.
#J-18808-Ljbffr