Security Engineer - Ad Platforms
Austin, Texas, United States Software and Services Summary Posted:
Mar 27, 2025 Weekly Hours:
40 Role Number:
At Apple, we work every single day to build products that enrich people's lives. Our Advertising Platforms group makes it possible for people around the world to easily access informative and visionary content on their devices while helping publishers and developers promote and monetize their work. Our technology makes advertising possible on the App Store, Apple News, Stocks, and Apple TV. We help developers and marketers of all sizes drive app discovery across the App Store. Our display ads on Apple News and Stocks let advertisers promote their products alongside trusted content from the world's best journalists. Sponsorship integrations and experiences in live sports on Apple TV help advertisers connect with passionate fans. Everything we do is with the unwavering commitment to privacy you expect from Apple. Because when advertising is done right, it benefits everyone.
Description We're seeking an Information Security engineer who is passionate about protecting our critical infrastructure and services. As an Information Security engineer, you will collaborate with engineering leaders, developers, quality engineers, and security teams to secure Ad Platforms' applications and services, present and future. Your responsibilities will include assessing the risk landscape for products, and helping drive risk mitigation. You will work with partner teams on security tools, penetration testing, and security testing methodologies to keep Ad Platforms services secured. You'll experience a constantly evolving technology and threat landscape and contribute to the education of teams on compliance activities throughout the development lifecycle. You should expect to be exposed to a broad range of systems, including web applications, big data, distributed processing, and virtualized environments. RESPONSIBILITIES INCLUDE - Conducting security reviews of the service stack, including applications built on cloud and new technologies - Helping build new security tooling and services to support developers at scale - Performing security testing on new applications, products, and features before they are released - Reviewing source code for potential security issues - Designing and automating security test cases to check for vulnerabilities or broken/missing security controls - Providing specific risk assessment and remediation guidelines for developers and business owners - Triaging and reviewing findings from security tools including static and dynamic scanners - Researching the latest security best practices, trends, threats and vulnerabilities, and technology frameworks - Documenting and disseminating security guidelines for common security issues, remediation guidance, and security baselines - Working with developers to provide security guidance and mentor them on secure development practices - Developing tools and exploits to support security testing - Writing automations to streamline common tasks, tests, workflows, etc. - Keeping up with industry trends in security technology and threats
Minimum Qualifications - 4+ years of relevant Information Security experience
- Proficient with a scripting language (e.g., Python, Bash, Go).
- Experience with Java or Javascript
- Passion for understanding and researching vulnerabilities and exploitation techniques
- Knowledge of development and integration tools and technologies (e.g. CI/CD)
- Knowledge of securing applications in cloud (i.e. Docker, Kubernetes)
- Experience with common security tools i.e. SAST or DAST
- Understanding of core networking concepts (firewalls, load balancers, etc)
- Understanding of cryptography
- A strong understanding of web application security threats, exploits, prevention (Injection, platform hardening, etc)
- Prior experience/background in web application development
- Ability to triage, reproduce, and recommend remediations for vulnerabilities
- Excellent communication and interpersonal skills
Preferred Qualifications - 7+ years of relevant Information Security experience
Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.Learn more about your EEO rights as an applicant.
Apple Footer Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant (Opens in a new window) .
Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants. United States Department of Labor. Learn more (Opens in a new window) .
Apple participates in the E-Verify program in certain locations as required by law. Learn more about the E-Verify program (Opens in a new window) .
Apple is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Reasonable Accommodation and Drug Free Workplace policy Learn more (Opens in a new window) .
Apple is a drug-free workplace. Reasonable Accommodation and Drug Free Workplace policy Learn more (Opens in a new window) .
Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you're applying for a position in San Francisco, review the San Francisco Fair Chance Ordinance guidelines (opens in a new window) applicable in your area.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.