Browser Security Researcher

Summary

Posted: Jun 5, 2024

Weekly Hours: 40

Role Number:200553732

Apple's Security Engineering & Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we believe that the best defense requires a great offense. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. Can you make a difference on this scale? Join our extraordinary team of security researchers and help protect all Apple users.

Description

Our team focuses on securing Apple products, from microarchitecture to applications such as Safari, Mail, and Messages. Evaluating the security of iOS and macOS kernels, boot ROMs, firmware and hardware are all included in the scope of the team. Working alongside a wide variety of teams and vendors, your influence will be felt throughout Apple's products such as the iPhone, iPad, Mac, and Apple TV. As a member of the team, one of your principal responsibilities will be to conduct vulnerability research on Apple browser applications and their underlying software components (WebKit, JavaScriptCore, etc). Analyzing and exploiting vulnerabilities is also a key element of the role. This position requires someone with strong technical skill, who is creative and has a desire to secure systems by showing how they can be broken. If this is you, we'd love to hear from you.

Want more jobs like this?

Get Software Engineering jobs in Seattle, WA delivered to your inbox every week.

Get Jobs

Send me The Muse newsletters for the best in career advice and job search tips.

By signing up, you agree to our Terms of Service & Privacy Policy.

• Experience in and a passion for vulnerability research and exploitation, targeting web browsers and related technologies
• Strong familiarity with vulnerability classes such as stack and heap based buffer overflows, object lifecycle issues, and logic errors along with practical experience with exploitation techniques applied to browser security
• Knowledge of the security architecture of web browsers, for example sandboxing mechanisms, inter-process communication, and JavaScript JIT compilation vulnerabilities.
• Experience with fuzzing browser platforms and conducting root cause analysis of results
• Proven problem-solving and analytical skills
• Excellent written and verbal communication skills

• Experience evaluating the security of Apple products
• Experience auditing and exploiting large modern C++ code bases
• Familiarity with tool development, using programming languages such as C, C++, Python, Swift, Objective-C

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $166,600 and $296,300, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses - including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits.

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

• Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.