Key Qualifications

• Strong curiosity about and understanding of basic security concepts: confidentiality, integrity and availability.
• Ability to read and understand code written in one or few high level programming languages e.g. C++, Java well enough to locate and explain bugs
• An attacker mentality - exhibit the ability to find and exploit hidden vulnerabilities & abuse logical flow
• Deep level of curiosity and solid ability to decompose systems

Description

We are breakers. We are looking for a highly motivated early career security engineer. As an engineer on this team, you will participate in in-depth reviews of the architecture, design and implementation of Apple’s revolutionary mobile solutions for payment, access, transit and identity. You’ll pentest live systems, threat model and analyze new experiences as they’re being crafted and review code for security gaps.We aren’t builders. While we offer design and fix advice to engineering teams, we aren’t a development team. We generally spend none of our time coding and don’t need a dedicated developer.

Education & Experience

No specific requirements

Additional Requirements

• 100% NOT REQUIRED
• This section covers areas of background that could help but are nice to have. We aren’t going to interview for these skills so think of them as areas of interest.
• If you’ve participated in some Capture The Flag (CTF) contests, you’ve already tried to break into live systems with potentially unknown capabilities. That attitude will help you understand how an attacker might try to penetrate our systems.
• If you’ve researched secure communication protocols, you’ll see how data can be sent securely even in the presence of attackers.
• If you’ve developed at all on embedded systems (Arduino? Raspberry Pi?), you’ll have a feel for how code operates in resource constrained environments and how that might affect security.
• We often have to tell developers that they have bugs. To help with this, you’ll need to be able to clearly communicate across many teams and sometimes to senior leadership.
• We sometimes write or modify simple python scripts.