Summary
Seeking a Build and Compute Systems Security Reviewer to act as a technical lead for securing critical systems like build and signing infrastructure, and private cloud compute. The role involves collaborating with engineering teams to analyze systems, perform threat modeling, identify vulnerabilities, and implement security controls. You will drive the adoption of new security technologies and lead significant security initiatives.
Required Skills
Security ArchitectureThreat ModelSoftware Supply Chain
Description
You will be a technical lead responsible for securing high priority systems including build and signing infrastructure and private cloud compute.
Work cooperatively with other parts of Apple on a broad range of technologies and initiatives to enhance security.
Design new and innovative ways of utilizing secure compute infra while preserving engineering ease-of-use and development velocity.
Work with engineers to analyze systems, threat model new components, identify security vulnerabilities in implementation, and recommend security controls to ensure security and integrity.
Evangelize and drive the adoption of these technologies across the organization.
Lead ground breaking security efforts at a scale only found at Apple.
Proficient in security architecture design and review of complex server/infrastructure projects
Familiarity with creating threat models for complex software products
Influences and collaborates with colleagues (engineering teams) and decision makers to develop secure solutions and to accomplish security goals
An understanding of past, current, and emerging software supply chain attacks/threats
Experience applying security engineering to software build and delivery pipelines
Excellent at multitasking, organizing, and prioritizing complex projects to meet deadlines
Background in secure coding, code auditing, and software security testing
Experience designing high availability systems incorporating confidential compute, HSMs, and similar components.
Proficiency in macOS and/or Linux internals and modern mitigation techniques
Programming background in Objective-C, Python, Ruby, Swift, or other similar language