Penetration Tester, Retail Engineering

Penetration Tester, Retail Engineering

Austin, Texas, United States

In a fast-evolving digital world, our team seeks a Security Penetration Tester to take on emerging cyber threats. With us, you'll play a pivotal role in safeguarding Apple's Online Store, Apple Store App, flagship Retail locations, and vital backend customer and payment systems. You'll get to dive into groundbreaking technologies, collaborate with industry experts, and safeguard critical digital assets. Join us to turn your skills in code analysis, penetration testing, and security research into impactful results. If this sounds like a role for you, we would love to meet you!

Responsibilities

As a penetration tester, you can expect to do the following :

• Conduct manual penetration testing against web applications, APIs, cloud environments, infrastructure, mobile applications, and custom technologies.
• Communicate these findings in high-quality reports and presentations.
• Provide security advice and partnership to engineering teams and non-technical partners.
• Develop scripts and tooling to augment penetration testing activities or demonstrate proof of concepts.
• Source code review of large sophisticated applications.
• Become a domain expert for colleagues in an area of security and penetration testing, shape security requirements, technical documentation, and testing methodology. Guide others and share expertise.

Minimum Qualifications

In-depth knowledge of web application security, system and infrastructure security, expertise in a specialist security topic such as cloud security, mobile security, container security, etc. Ability to read and understand source code (Java, JavaScript, Go, etc), and find vulnerabilities in sophisticated code bases. Strong understanding of fundamental computing, database, networking, and security concepts. 1 year of Penetration Testing experience.

Preferred Qualifications

Passion for information security, particularly in penetration testing. Ability to learn new skills, concepts, and technologies. Strong written and verbal communication skills, ability to communicate vulnerabilities to a variety of partners. OSCP or OSWE certification (preferred). Experience with CTFs or hacking labs. Proficiency in MacOS and other Unix-based systems. Ability to grasp large sophisticated systems and context-switch when needed. Programming / scripting skills (Python, JavaScript, Go, etc). Knowledge of cloud architecture and security. Publications, security research, bug bounties, or CVEs are highly regarded. Bachelor's in Computer Science or equivalent.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or other legally protected characteristics.