Senior Security Engineer, Retail Engineering

As a Senior Security Engineer in Retail Engineering, you\’ll play a pivotal role in securing Apple\’s Retail and Online Store ecosystem – from flagship customer experiences to the critical backend systems that support transactions, customer data, and operational infrastructure.

Description

• Influence the development of secure architecture through security requirements, architecture reviews, and threat modelling.
• Act as a security partner to engineering teams, embedding yourself into their workflows and guiding secure-by-design principles.
• Build and maintain trusted relationships across engineering, product, and security functions.
• Conduct red team engagements that simulate real-world threats, then translate findings into actionable insights and learning opportunities for engineering teams.
• Perform in-depth security assessments and technical deep dives across a broad spectrum of technologies, ranging from web applications to cloud infrastructure, cryptographic protocols to AI and machine learning.
• Develop and maintain custom tools to enable a more effective, efficient, and scalable security program.
• Deliver technical guidance, workshops, and training sessions to upskill engineering teams in secure development practices.
• Drive security initiatives aimed at measurably improving the organization\’s security posture.
• Thrive in a fast-paced environment with shifting priorities, seamlessly context-switching across multiple projects, technologies, and threat landscapes.

Apple is seeking candidates who have:

• A passion for information security.
• Proven experience collaborating with engineering teams to integrate security throughout the software development lifecycle.
• Deep technical understanding of web, infrastructure, mobile, network, and cloud security principles.
• Adaptability and curiosity to learn new technologies, platforms, and threat landscapes.
• Proficiency in scripting and programming (e.g., Go, Java, JavaScript, Python).

Additional Requirements

• Ability and willingness to work both from the office and from home.
• Occasional international travel may be required.

Minimum Qualifications

• Experience in a security engineer, security consultant, security architect, penetration tester, or similar role.
• Expertise in threat modelling, secure architecture design, and reviewing complex systems.
• Strong capability in penetration testing applications, infrastructure, and cloud environments.
• Excellent written and verbal communication skills.

Preferred Qualifications

• Bachelor\’s degree in Computer Science or related field (or equivalent experience).
• Relevant certifications (e.g., OSCP, OSWE).
• Experience with CTFs, bug bounty programs, or published research.

#J-18808-Ljbffr