Build Security Engineer

The Build Security Engineer is a key contributor to the security of Apple's software supply chain. This role requires deep technical security expertise applied across threat modeling, offensive security assessments, and the development of security controls — all in close collaboration with the engineering teams who build and maintain Apple's most critical software infrastructure. The role also involves creating documentation, mentoring teammates, and staying current with the evolving threat landscape to proactively address risk. Minimum Qualifications 3+ years of experience in cybersecurity, with hands-on experience in threat modeling, security assessments, or penetration testing Experience in a software engineering or security operations role Experience with scripting or programming languages such as Python or Bash Experience working cross-functionally with engineering teams on security requirements or controls Preferred Qualifications Experience conducting penetration testing or red team exercises, particularly targeting build pipelines or software supply chain components Experience leveraging LLMs safely to accelerate various security workflows Experience with container orchestration platforms such as Kubernetes Proficiency in additional programming languages such as Go (Golang) or Perl Familiarity with cybersecurity frameworks and standards (e.g., NIST, CIS, SLSA) Experience mentoring engineers or junior security team members on security concepts and best practices Track record of identifying and driving remediation of vulnerabilities in complex software environments Strong written and verbal communication skills with the ability to present technical findings to varied audiences Security certifications such as OSCP or CISSP