Security Researcher - Offensive Tooling H/F - 75

As part of Apple's Security Engineering & Architecture (SEAR) organization, you'll join our mission to create the world's most secure products. We are committed to creating groundbreaking tools that enable our security researchers to delve deep into our numerous codebases and frameworks to identify any security concerns efficiently. We are seeking a motivated individual to explore and improve our offensive security capabilities with a strong emphasis on designing, developing, and state-of-the-art tools using a broad range of analysis approaches.You will collaborate closely with an extraordinary team of vulnerability researchers to gain a deep understanding of the attack surface across Apple's full stack - from silicon and boot ROMs to firmware, kernels, and user applications. As the primary focus, you will design, develop, maintain, and enhance security analysis tools. Using a wide range of static and dynamic techniques on both source code and binaries, you will create and contribute to innovative solutions for unique security challenges, and scalable solutions to efficiently analyze sophisticated systems. Your work will directly amplify the team's impact on variant analysis or regression prevention, and will empower researchers with ground breaking methods and automation for streamlined vulnerability finding. You will also partner with other security researchers, applying offensive tooling to real-world security evaluations. This hands-on application will demonstrate tools effectiveness and provide valuable feedback for continuous improvement. Your contributions will directly impact our ability to proactively secure Apple products. We will consider this position to be Remote depending on talent experience.
- Strong programming skills (C/C++, Python, Swift/Rust)
- Proven experience in security-oriented tool development and real-world usage (static/dynamic approaches, source/binary analysis)
- Autonomous drive and collaborative mindset

- Understanding of Vulnerability Research, tools and methodologies
- Experience with DevOps and related environments
- Low-level understanding of security mitigations deployed in at least one major operating system

At Apple, we're not all the same. And that's our greatest strength. We draw on the differences in who we are, what we've experienced, and how we think. Because to create products that serve everyone, we believe in including everyone. Therefore, we are committed to treating all applicants fairly and equally. We will work with applicants to make any reasonable accommodations.