Security Engineer- Apple Maps

Security Engineer- Apple Maps

Apple Maps Security seeks security engineers to partner with engineering teams developing new products and features. We work directly with developers, site reliability engineers, and security teams to protect Maps services and build a secure foundation. In this role, you deliver end-to-end security assurance, drive security architecture, conduct threat modeling, lead security testing, and manage risk. We collaborate with partners in Infosec, privacy, and legal to keep Apple services secure for users. Ready to drive impactful security improvements at Apple Maps? Apply now and join our team!

An architect in the Maps Security team will lead security architecture reviews across diverse application stacks, develop tooling and frameworks to streamline the security testing and validation process, identify systemic issues and drive improvements, mentor developers and peers to adopt a security mindset and practices. Key responsibilities include developing and executing security cases to uncover vulnerabilities and missing controls. You will deliver actionable risk assessments and remediation guidance to developers and leadership as a trusted advisor. The role involves performing source code analysis and adversary simulation across applications, APIs, and environments. You will design robust defenses and secure-by-design solutions. Staying informed about emerging threats and translating insights into enhanced security measures is essential. You will author security guidelines, baselines, and playbooks to elevate organizational standards.

Application and Infrastructure Security expert with 10+ years' experience.

Deep understanding of web application security threats, exploits, and prevention.

Ability to triage, reproduce, and recommend remediations for vulnerabilities

Experience in adversary simulation and threat modeling.

Driven to research vulnerabilities and exploitation techniques.

Knowledge of development and integration tools and technologies (e.g., CI/CD)

Familiar with static and dynamic application security tools (e.g., Checkmarx, Qualys).

Know test automation frameworks for security QE and networking concepts.

Collaborate cross-functionally to foster innovation with robust protection

BS/MS in Computer Science or relevant industry experience.

Assess emerging GenAI attack surfaces - such as prompt injection, data exfiltration, and model inversion -and implement appropriate safeguards-such as input validation, data monitoring, and regular model auditing-for LLM-powered applications.

Understand model lifecycle security, secure fine-tuning, and ML/AI governance frameworks.

Keep security simple, scalable, and effective by building foundational practices that engineers embrace.

Keeps up with industry trends in security technology and threats

Secure infrastructure in public cloud environments, including AWS, Azure, and Google Cloud.