Senior Software Engineer

The Apple Service Engineering (ASE) Security team builds and provides secure systems and infrastructure that fuel Apple's services (such as iCloud, Apple Music, Apple Fitness, and Apple TV). We are the secure foundation on which Apple's software developers build the products that keep our customers safe and secure. The ASE Security Frameworks team is expanding and we looking for a passionate and dedicated Senior Software Engineer who will focus on creating fundamental security services, addressing identity and authorization challenges. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience in large-scale operations., As a Senior Software Engineer on the ASE Security Frameworks team, you will play a crucial role in ensuring our customers adhere to the latest and most effective security practices for addressing identity and authorization challenges. Collaborating with cross-functional teams, you will be responsible for designing and implementing client libraries and SDKs to bolster our overall security posture throughout the organization. Your duties will include building Security Frameworks in multiple languages (Java, Go, Swift, Rust, TypeScript) and working with our partner engineering team to ensure that these frameworks are integrated into our partner team's services to perform request verification, token issuance and exchange, authentication, authorization, durable decision logging, policy updates and caching. You will set high standards and deliver on ASE's vision for our security protocols, working with engineering teams as they incorporate secure practices and tools into their development processes.

• 8+ years of software development or production operations experience in a large-scale environment

• Bachelor's Degree or equivalent experience preferred

• Strong programming skills in Golang and Java, ability and willingness to learn Swift, Rust, Python and TypeScript as you will be building client frameworks for customers operating in all of these languages

• Experience building and operating high-performant client SDKs and libraries with features such as caching, online and offline configuration updates, major version releases, breaking changes, feature flagging and similar concepts

• Knowledge of securing APIs, including input validation, mTLS, authentication, and authorization mechanisms for RESTful and gRPC APIs

Preferred Qualifications

• Experience designing and implementing SDK architecture patterns including dependency injection, plugin systems, retry logic, and error handling strategies

• Deep understanding of Identity and Access Management (IAM) concepts including RBAC, ABAC, OAuth, OpenID Connect, as well as Policy-as-Code systems like Open Policy Agent and Rego

• Knowledge of client-side security best practices including secure credential storage, token refresh patterns, and protection against common attacks (CSRF, XSS, token leakage)

• Experience with cross-platform SDK development and maintaining API consistency across different programming languages and runtime environments

• Understanding of backward compatibility strategies for SDK versioning, deprecation policies, and migration paths for breaking changes

• Experience with monitoring and telemetry in client libraries including error reporting, usage analytics, and performance metrics collection