At Apple, privacy and security aren't features - they're foundational principles. As a Senior Security Software Engineer on our iCloud Security team within Apple Services Engineering (ASE), you'll be part of a small, elite group of engineers building and protecting the infrastructure that hundreds of millions of people trust with their most personal data every single day. If you have a passion for systems-level security software and want your work to matter at a scale very few engineers ever experience, we'd love to talk.
Description
This isn't security work on the margins. You'll be working deep in the stack - interfacing directly with low-level Linux kernel primitives, designing security architecture that operates at global scale, and making critical technical decisions that shape how iCloud protects its users worldwide. You'll be part of a highly skilled team within Apple Services Engineering that provides foundational security infrastructure underpinning consumer-facing iCloud applications and services. The performance and correctness of the systems we build are paramount. We work directly with low-level Linux kernel interfaces, leveraging asynchronous I/O and multithreaded architecture to build high-throughput, low-latency secure services. In this role, you will not only execute on technical deliverables but serve as a key contributor to the architectural and strategic decisions that define the team's direction.","responsibilities":"Architect, develop, and own security-critical systems software underpinning iCloud services used by hundreds of millions of users worldwide
Design and implement token-based authentication and authorization systems with a focus on correctness, performance, and resilience
Work directly with low-level Linux kernel interfaces using asynchronous I/O and multithreaded design patterns to build high-throughput secure services
Lead security design reviews and drive a culture of security excellence across Apple Services Engineering
Partner with cross-functional teams across Apple to identify security risks and deliver solutions that raise the bar for the entire platform
Drive key technical and architectural decisions that influence the team's long-term strategic direction
Preferred Qualifications
Hands-on experience designing or implementing token-based authentication systems such as OAuth, JWT, macaroons, or proprietary token frameworks
Experience with modern security technologies including HSMs, PKI, secrets management, or secure enclaves
Familiarity with additional systems languages including Go, Rust, Swift, or Java
Background in cloud services security, identity and access management (IAM), or internet-scale security infrastructure
Experience building and operating security systems at large-scale production environments
Minimum Qualifications
BS in Computer Science and/or equivalent experience
10+ years of industry experience in systems software engineering
Deep proficiency in C and/or C++ - writing systems-level code, not just calling libraries
Strong networking fundamentals including TCP/IP, TLS, and protocol design
Demonstrated expertise with Unix/Linux internals and operating system concepts
Solid understanding of software security primitives including cryptography, authentication protocols, and secure coding practices
Familiarity with distributed systems design principles and token-based architecture
Strong written and verbal communication skills with the ability to convey complex security concepts to diverse audiences
