Back to search
Apple Linkedin · Posted 21d ago

Senior Security Researcher – Red Team

Herzliya

Linkedin
Continue to application Add your email once, then Caio opens the original posting.

Indexed description

Summary
Help Apple secure the world’s most advanced consumer devices, which people trust to store their personal and professional data. We believe that the best defense is a good offense, and that means finding vulnerabilities before attackers do. We're looking for talented and inspired individuals to join our team and attack Apple's products with the goal of better safeguarding our users.

Description
We are looking for a Senior Security Researcher to join our specialized Red Team. In this role, you will focus on the complex boundary where hardware meets software. You will hunt for vulnerabilities in the microarchitecture, memory management, and execution pipelines of modern CPUs and GPUs, as well as in the low-level code which runs on it. If you enjoy bridging the gap between hardware primitives and kernel-level exploits, and have a passion for uncovering side-channels or architectural logic flaws, this is the team for you.

Responsibilities

  • Architectural Red Teaming: Design and execute targeted adversarial campaigns against the hardware/software interface of modern SoCs, specifically focusing on CPU and GPU.
  • Vulnerability Discovery: Conduct deep-dive vulnerability research into microarchitectural behaviors, side-channels, and hardware-assisted security features.
  • Exploit Development: Develop proof-of-concept exploit chains that bridge hardware vulnerabilities into kernel space, demonstrating real-world impact.
  • GPU & Compute Security: Analyze GPU driver interfaces, command processors, and execution units, particularly in the context of modern compute workloads and hardware acceleration.
  • Mitigation Bypass & Analysis: Evaluate and attempt to bypass modern hardware mitigations (e.g., Pointer Authentication, Memory Tagging, virtualization boundaries).
  • Cross-Functional Collaboration: Partner with hardware engineering and software kernel teams to translate your red team findings into robust, architectural-level mitigations.

Minimum Qualifications
  • Deep Architectural Knowledge: Strong understanding of modern CPU architectures (pipeline stages, caching mechanisms, MMU, speculative execution). Extensive familiarity with ARM v8/v9 or x86 instruction sets.
  • GPU/Compute Expertise: Proven understanding of GPU architectures (execution pipelines, memory hierarchies) and how software interfaces with them (e.g., driver vulnerability research, compute batching, memory isolation).
  • Low-Level Software Mastery: Proficiency in C, C++, and Assembly. Deep understanding of operating system internals, kernel architecture, and memory management.
  • Proven Track Record: Demonstrable experience in discovering vulnerabilities or developing exploits at the OS/Hypervisor level, or in hardware-software interfaces (CVEs, bug bounties, conference talks, or whitepapers).

Preferred Qualifications
  • Experience with hardware description languages (Verilog/VHDL) or pre-silicon security validation.
  • Experience with confidential computing environments.
  • Familiarity with the security implications of AI/ML hardware accelerators and complex GPU workloads (e.g., memory handling in PagedAttention or Mixture of Experts).
  • Familiarity with reverse engineering tools (IDA Pro, Ghidra) and dynamic analysis/debugging tools.

At Apple, we believe accessibility is a fundamental human right. You’ll find that idea reflected in everything here — in our culture, our benefits and our digital tools. By welcoming as many perspectives as possible, we help you build a career where you feel like you belong.

Learn about accessibility in Apple’s workplace

Role Number: 200669536-0865

Free. 20 seconds. No password. See every match in this search.

Create a free Caio profile to unlock more results and save your role and location preferences.

Unlock free search
Want help applying to roles like this? Search Caio for free. If CV tailoring and application tracking get heavy, Full Caio Agent adds a human specialist.
View Full Agent