Apple is where individual imaginations gather together, committing to the values that lead to great work. Every new product we build, service we create, or Apple Store experience we deliver is the result of us making each others ideas stronger. That happens because every one of us shares a belief that we can make something wonderful and share it with the world, changing lives for the better. Its the diversity of our people and their thinking that inspires the innovation that runs through everything we do. When we bring everybody in, we can do the best work of our lives. Here, youll do more than join something - youll add something.
Software is often referred to as the "soul" of Apples products. This role sits at the intersection of security and software engineering, with direct responsibility for protecting the systems and infrastructure used to manage, build, and distribute Apples software. The Build Security Engineer will conduct threat modeling and security assessments, partner with engineering teams to uphold security standards, and develop technical solutions that strengthen Apples build infrastructure security posture end to end. The Build Security Engineer is a key contributor to the security of Apples software supply chain. This role requires deep technical security expertise applied across threat modeling, offensive security assessments, and the development of security controls - all in close collaboration with the engineering teams who build and maintain Apples most critical software infrastructure. The role also involves creating documentation, mentoring teammates, and staying current with the evolving threat landscape to proactively address risk.Conducts threat modeling and security assessments of critical build infrastructure, regularly updating models to reflect evolving threats and changes in the environment. Collaborates with engineering teams to ensure adherence to defined security standards and requirements, providing guidance on the implementation of security measures. Develops, implements, and maintains technical solutions to mitigate identified security risks within the software build pipeline. Writes and maintains test cases to validate the effectiveness and resilience of security controls. Leads penetration tests and red team exercises with a focus on the software build path and related critical infrastructure. Researches vulnerabilities in critical software components used across the environment and recommends proactive mitigations. Creates and maintains documentation outlining security guidelines and best practices for engineering teams.3+ years of experience in cybersecurity, with hands-on experience in threat modeling, security assessments, or penetration testing Experience in a software engineering or security operations role Experience with scripting or programming languages such as Python or Bash Experience working cross-functionally with engineering teams on security requirements or controlsExperience conducting penetration testing or red team exercises, particularly targeting build pipelines or software supply chain components Experience leveraging LLMs safely to accelerate various security workflows Experience with container orchestration platforms such as Kubernetes Proficiency in additional programming languages such as Go (Golang) or Perl Familiarity with cybersecurity frameworks and standards (e.g., NIST, CIS, SLSA) Experience mentoring engineers or junior security team members on security concepts and best practices Track record of identifying and driving remediation of vulnerabilities in complex software environments Strong written and verbal communication skills with the ability to present technical findings to varied audiences Security certifications such as OSCP or CISSP
We’re a diverse collection of thinkers and doers, continually reimagining what’s possible to help us all do what we love in new ways. The people who work here have reinvented entire industries with the Mac, iPhone, iPad, and Apple Watch, as well as with services, including iTunes, the App Store, Apple Music, and Apple Pay. And the same passion for innovation that goes into our products also applies to our practices — strengthening our commitment to leave the world better than we found it.
There’s a place here for every kind of brilliant. Everyone here is an innovator, or an innovator-to-be, no matter what your team or your role. So bring your passion, courage, and original thinking and get ready to share it, because every new product, service, or feature we invent is the result of people working together to make each others’ ideas stronger. Innovation at this level depends on people who represent the variety of the human experience and inspire us with their own fresh perspectives. Together, we’ll do amazing work that can make a difference in people’s lives. Including your own. Learn more about working at Apple.