Software Engineer, Trusted Execution (Secure Boot)

About the position

Apple's Trusted Execution team in the Security Engineering and Architecture organization builds the technology that keeps our users safe and care-free while running the software that they want. Our software runs on the execution path for every program on all of our products. We're often referred to as the first line of defense in Apple's defense-in-depth strategy. Our products are infamous within the security community, and each year we push them to the next level. We're a small team with a huge impact. As an engineer joining this team, you would be contributing to the entire system. Interacting with Apple's unique CPU features directly, through the kernel, up through libraries, frameworks and applications. You will have an opportunity to define, design and implement new security technologies for Apple's next generation operating systems and products. Successful candidates will be capable of pursuing challenging wide-ranging engineering problems anywhere in the software stack, determining the appropriate compromise between several often competing factors such as ease of use, performance and of course security. Our environment fosters product innovation, rapid product iteration, and a liberating amount of autonomy in which you will be expected to create and quickly bring to market new security methods and technologies to address the complex needs of mobile and distributed computing. The position will require you to interact with and influence many people from several organizations within and outside the company.

Responsibilities

• Help define the security properties and architecture for the next-generation operating system.
• Design and implement new approaches to securing device boot flow, authenticating OS assets, code signing, execution monitoring, and malware mitigation.
• Come up with new and innovative ways of increasing security and privacy while preserving ease-of-use and growing the quality of the user experience.
• Work cooperatively with other parts of Apple on technologies and initiatives to improve security and drive the adoption of these technologies across the organization.

Requirements

• 5 years of experience as a Software Engineer in a Systems Programming or Kernel Development role.
• Strong understanding of operating systems internals.
• Industry knowledge of OS security and applied cryptography (PKI, Attestations, Public Key Signatures).
• Excellent C and Systems programming skills including secure development practices.

Nice-to-haves

• A passion for crafting effective and pragmatic security technologies in the operating systems arena.
• Experience with at least one constrained runtime environment such as system boot, EFI, firmware, embedded OS, or real-time OS.
• Initiative to provide architectural mentorship to teams lacking resident security expertise.
• Ability to critically analyze security properties of a system via a threat model.
• Understanding of past, current and emerging security exploits.
• Ability to deliver proven work on tight schedules.
• Excellent collaboration skills.

Benefits

• Comprehensive medical and dental coverage.
• Retirement benefits.
• A range of discounted products and free services.
• Reimbursement for certain educational expenses — including tuition.
• Discretionary bonuses or commission payments.
• Relocation assistance.