Secure Systems Engineer - Platform Architecture
Apple
Software Engineering, IT
Beaverton, OR, USA
Posted on Jan 22, 2025
Summary
Posted:
Role Number:200587712
Are you a big-picture visionary who understands how each element affects all the others? At Apple, our Platform Architecture group is responsible for connecting our hardware, software, and servers into one unified system. You’ll join a team of architects who are dedicated to securing the world’s most advanced consumer devices. Our products are trusted for storing personal data, and our goal is to better safeguard our users. We're looking for dedicated and inspired individuals to help raise the bar on the security of Apple's products.
Description
In this role, you will define the architecture and oversee the operation of distributed web services that set and enforce security policy for the development, manufacture, deployment, and operation of Apple products, ultimately driving continuous security improvements for these products. Together, our work will be instrumental in maintaining the trust millions of customers place in their devices every day. As a member of Platform Architecture, you will: • Lead cross-functional teams throughout the product development cycle to resolve system-level issues without sacrificing product security or impacting world class product design. • Identify emerging threats, develop threat models, and define security architectures for exciting new Apple products and technologies. Derive system security requirements, and design balanced and novel mitigations in creative collaboration with iconic product and engineering teams. • Develop detailed system-level specifications to guide product development, integration, and quality assurance teams in the creation of golden unit tests, reference data, and sample libraries to aid integration of our security technologies across team boundaries (e.g. client/server). • Drive security requirements and architecture into web application services that play a pivotal role in the development, manufacture, deployment, and operation of Apple Products. • Use a wide range of interpersonal and technical skills to champion adoption of our industry leading security technologies across multiple product categories.
Minimum Qualifications
- BS and 10+ years of relevant industry experience.
- Experience in designing, developing, and deploying backend web services including API design or scalable infrastructures for highly available applications.
- Experience with common programming languages such as Python, Go or C/C++.
- Experience in implementing and managing DevOps practices. Such as continuous integration/continuous deployment (CI/CD), infrastructure as code (IaC), or automation of development, testing, and deployment pipelines.
Key Qualifications
Preferred Qualifications
- Masters in EE/CE.
- Ability to effectively lead cross-functional initiatives and to provide architectural guidance to teams lacking resident security expertise.
- Breadth to work cross-functionally with Infrastructure, Privacy, Safety, Service, Manufacturing, Software, and Product Development teams to resolve system-level security issues.
- Strong written and oral communications skills across multiple levels.
- Ability to critically analyze security properties of web service architectures, hardware, and software systems in order to build a comprehensive threat model. (e.g. familiarity with common threat modeling methodologies such as STRIDE)
- Knowledge of basic cryptographic principles (e.g., symmetric vs asymmetric crypto, encryption vs authentication, secure boot, and PKI frameworks) and familiarity with HSM-based security applications and/or data center management and security expertise.
Education & Experience
Additional Requirements
Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.