About the position
People at Apple don’t just build products — they craft the kind of experience that have revolutionized entire industries. The diverse collection of our people and their ideas inspire innovation in everything we do. Imagine what you could do here! Join Apple, and help us leave the world better than we found it. The Apple Service Engineering (ASE) team builds and provides systems and infrastructure that fuel Apple’s services (such as iCloud, Apple Music, Apple Fitness, and Apple TV). We are the foundation on which Apple’s software developers build the products that our customers love. Our services have to scale globally, stay highly available, and 'just work.' We are looking for a passionate and dedicated Senior Software Engineer who will focus on creating fundamental security services, addressing identity and authorization challenges on a large scale within the ASE organization. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience in large-scale operations.
Responsibilities
- Ensure that customers adhere to the latest and most effective security practices for addressing identity and authorization challenges.
- Collaborate with cross-functional teams to design and implement systems to bolster overall security posture throughout the organization.
- Define, advocate, and drive the adoption of a standardized set of minimum security requirements while monitoring progress.
- Set high standards and influence the future of security protocols.
- Guide engineering teams in incorporating secure practices and tools into their development processes.
Requirements
- 7+ years of software development or production operations experience in a large-scale environment.
- Strong programming skills in Golang and/or Java.
- Proven experience building and operating large scale, highly available, distributed, and fault tolerant systems.
- Experience with Kubernetes, Docker, and containerization.
- Knowledge of securing APIs, including input validation, authentication, and authorization mechanisms for RESTful and gRPC APIs.
Nice-to-haves
- Hands-on experience with Systems, including the ability to configure and troubleshoot system initialization processes.
- Understanding of network security principles, protocols, and technologies, including firewalls, VPNs, and secure communication channels.
- Familiarity with incident response processes and the ability to respond to security incidents effectively.
- Knowledge of cryptographic algorithms and protocols for securing data, including TLS/SSL, digital signatures, hashing, and encryption.
- Knowledge of authentication and authorization mechanisms, including OAuth, JWT, and other identity management protocols.
