Software Engineering - Offensive Security Tooling Internship

Descripción del puesto:

Apple's Security Engineering & Architecture organization is responsible for the security of all Apple products. Passionate about safeguarding our users, we believe that the best defense requires a phenomenal offense. When it comes to securing more than a billion devices running the world's most sophisticated operating systems, that means finding vulnerabilities first. This internship focuses on improving in-house dynamic binary instrumentation (DBI) and tracing framework. The goal is to integrate an analysis engine that can reason at a semantic level to unlock powerful new capabilities, such as taint tracking and dynamic symbolic execution. Your work will directly be applied to our team targets, to discover and analyze complex security vulnerabilities in a scalable way.

Description

This internship offers a unique opportunity to blend offensive security research with system development. You will begin by familiarizing yourself with an in-house tracing and Dynamic Binary Instrumentation (DBI) framework, then integrating an analysis engine abstracting instruction semantics to serve as the foundation for new features. Building on this, you will design and implement advanced capabilities like taint tracking and backward slicing to trace complex data flows. A core part of your role will be to apply these new tools and methods to the team's real-world challenges, helping to uncover new bugs, facilitate exploitation, and capture critical knowledge on program behaviors. You will also extend the framework's deployment capabilities to support custom analysis environments, a task that requires a deep dive into OS internals and kernel/userland interactions. Throughout the internship, you will work alongside other offensive security researchers on your missions.

Minimum Qualifications

* Strong software engineering skills
* Strong understanding of computer architecture
* Proficiency in one or more programming languages, for example C, C++, or Swift
* Autonomous drive and a collaborative mindset

Preferred Qualifications

* Knowledge of operating system internals
* Experience with program analysis concepts, for example Dynamic Binary Instrumentation, Taint Analysis, Symbolic Execution