As a Senior Security Engineer in Retail Engineering, you'll play a pivotal role in securing Apple's Retail and Online Store ecosystem - from flagship customer experiences to the critical backend systems that support transactions, customer data, and operational infrastructure. Apple seeks an individual with a strong technical security background and a deep passion for security. Your ability to partner with, influence, and empower engineering teams will be just as important as your technical expertise.
Description In this role you will: -Influence the development of secure architecture through security requirements, architecture reviews and threat modelling. -Act as a security partner to engineering teams-embedding yourself into their workflows and guiding secure-by-design principles. -Build and maintain trusted relationships across engineering, product, and security functions. -Conduct red team engagements that simulate real-world threats, then translate findings into actionable insights and learning opportunities for engineering teams. -Perform in-depth security assessments and hands-on technical deep dives across a broad spectrum of technologies, ranging from web applications to cloud infrastructure, cryptographic protocols to AI and machine learning. -Develop and maintain custom tools that enable a more effective, efficient and scalable security program. -Deliver technical guidance, workshops, and training sessions to up skill engineering teams in secure development practices. -Drive security initiatives aimed at measurably improving the organization's security posture. -Thrive in a fast-paced environment with shifting priorities, seamlessly context-switching across multiple projects, technologies, and threat landscapes. Apple is seeking candidates who have: -Passion for information security. -Proven experience collaborating with engineering teams to integrate security throughout the software development lifecycle. -Deep technical understanding of web, infrastructure, mobile, network and cloud security principles. -Adaptability and curiosity to learn new technologies, platforms, and threat landscapes. -Proficient in scripting and programming (e.g., Go, Java, JavaScript, Python). Additional Requirements: -Ability and willingness to work both from the office and from home. -Occasional international travel may be required.
Minimum Qualifications
* Experience in an existing security engineer, security consultant, security architect, penetration tester or similar role.
* Expertise in threat modelling, secure architecture design, and reviewing complex systems.
* Strong capability in penetration testing applications, infrastructure, and cloud environments.
* Excellent written and verbal communication skills.
Preferred Qualifications
* Bachelor's degree in Computer Science or related field (or equivalent experience).
* Relevant certifications (e.g., OSCP, OSWE).
* Experience with CTFs, bug bounty programs, or published research.
#J-18808-Ljbffr