Apple Services Engineering Security org's workload Identity team needs to manage and establish identities for software applications, services, and containers to securely access cloud resources, ensuring proper authentication and authorization without manual credential management. They are looking for a Senior Staff Software Engineer to focus on creating fundamental security services and addressing identity challenges at scale within the ASE organization, ensuring customers adhere to the latest security practices.
Requirements
- Must have strong programming skills in Golang, as you’ll be working extensively with Go-based applications
- Proven experience building and operating large scale, highly available, distributed, and fault tolerant systems
- Excellent understanding of operating systems concepts including multi-threading, memory management, networking and storage, performance and scale
- Experience with Kubernetes, Docker, and containerization (CNCF Kubernetes Developer or equivalent)
- Knowledge of securing APIs, including input validation, authentication, and authorization mechanisms for RESTful and gRPC APIs
- Hands-on experience with Systems, including the ability to configure and troubleshoot system initialization processes
- Understanding of network security principles, protocols, and technologies, including firewalls, VPNs, and secure communication channels
Responsibilities
- defining, advocating, and driving the adoption of a standardized set of minimum security requirements while monitoring progress
- guiding engineering teams as they incorporate secure practices and tools into their development processes
- creating fundamental security services
- addressing identity challenges on a large scale
- ensuring our customers adhere to the latest and most effective security practices for addressing identity
Other
- 7+ years of software development or production operations experience in a large-scale environment
- BS/MS in Computer Science or equivalent experience
- Familiarity with incident response processes and the ability to respond to security incidents effectively
- Knowledge of cryptographic algorithms and protocols for securing data, including TLS/SSL, digital signatures, hashing, and encryption
- Knowledge of authentication and authorization mechanisms, including OAuth, JWT, and other identity management protocols
