Apple

Are you a big-picture visionary who understands how each element affects all the others? At Apple, our Security Engineering and Architecture - Firmware Security group is responsible for connecting our hardware and firmware into one unified system. You’ll join a team of engineers who are dedicated to securing the world’s most advanced consumer devices. Our products are trusted for storing personal data, and our goal is to better safeguard our users. We're looking for talented and inspired individuals to help raise the bar on the security of Apple's products. In this role, you will produce platform level security requirements for new products, and drive adoption of platform level security architectures incorporating hardware, firmware, and server elements, ensuring that we continuously enhance security standards. Together, our work will be the reason millions of customers feel they can trust their devices every single day.

As a member of Security Engineering and Architecture - Firmware Security, you will: Drive cross-functional teams throughout the product development cycle to resolve system-level issues without sacrificing the security architecture Collaborate with other security architects and researchers across Apple including OS, SOC, and product groups, on this high-visibility team Develop threat models and associated security architectures for exciting new Apple products and technologies, derive system security requirements, and design appropriate mitigations Use all of your skills to champion adoption of our elite security technologies including golden unit tests, reference data, or sample libraries to aid integration across team boundaries (e.g. client/server) Define and document secure architectures, and facilitate creation of certificate hierarchies employed in secure personalization, provisioning, and calibration systems Reduce development friction imposed by security policy through identification and prototyping of tools and process improvements Skills & Requirements

• 5-10+ years experience


• Ability to effectively lead cross-functional initiatives


• Initiative to provide architectural mentorship to teams lacking resident security expertise


• Breadth to work multi-functionally with Privacy, Safety, and Information Security teams to resolve system-level security issues


• Strong written and oral communications skills


• Ability to critically analyze security properties of a system via a threat model


• Knowledge of basic cryptography principles (e.g., symmetric vs asymmetric crypto, encryption vs authentication)


• Familiarity with programming and hardware description languages a plus

BSCS, BSCE or equivalent + 510 years onthejob security engineering experience required.