Back to search results

Security Domain Expert, Perimeter and Network Security, Enterprise Technology Services

Sunnyvale, California, United StatesSoftware and Services

Submit Resume

Summary

Posted: Apr 24, 2026

Weekly Hours: 40

Role Number:200658647-3956

At Apple, new insights often become revolutionary products, services, and customer experiences very quickly. Bring passion and dedication to your job, and there's no telling what you could accomplish. The Emerging Technologies team within IS&T specializes in building forward-looking, extremely scalable systems and solutions in two areas: Information Security and general-purpose, reusable platforms in the space of Integration and Orchestration. The team has a passion for solving challenging problems, exploring new domains, and engineering transformational solutions. We operate with a startup mindset — lean teams, high ownership, and technical leaders who flex across domains to build and scale new capabilities.

Description

The Emerging Technologies team is seeking a Security Domain Expert to serve as the outward face and technical authority of Apple's perimeter and network security platform. You will represent the team across Apple — in architecture forums, security reviews, and leadership briefings — bringing deep expertise in perimeter security, proxy technologies, and threat mitigation to every engagement.
This role requires hands-on experience with the technologies at the heart of our platform — proxies, origin, edge, application load balancers, service mesh, API & AI security gateways, WAF, DDoS mitigation, bot prevention, TLS termination/origination, and security policy enforcement across protocols (TCP, UDP, HTTP/HTTPS). You will apply that expertise to advise partner teams on how our security capabilities address their traffic and security challenges, and to represent the team's technical perspective in cross-organizational forums.
You will also serve as the bridge between our engineering team and the broader Apple ecosystem — working directly with application teams to understand their security requirements, synthesizing cross-team needs to inform platform strategy and roadmap, and translating technical security concepts into clear narratives for leadership. This role spans deep technical engagement with security and infrastructure teams through to executive communication in equal measure.

Responsibilities

• Serve as the domain authority for perimeter and network security across the Emerging Technologies organization — providing expert guidance on WAF, DDoS mitigation, bot prevention, TLS management, real-time threat intelligence, and security policy enforcement across proxy tiers.
• Represent the security platform in architecture forums, security reviews, cross-organizational reviews, and leadership briefings — serving as the team's technical voice in all external settings.
• Advise application teams across Apple on their traffic patterns and security requirements, articulating how the platform's capabilities — across edge proxies, origin/application load balancers, service mesh, and API & AI security gateways — address their specific needs.
• Evaluate emerging threats, attack vectors, and defensive technologies — bring industry perspective to shape the team's security strategy and keep Apple's defenses at the forefront.
• Drive alignment on cross-organizational security initiatives — build consensus on priorities, trade-offs, and sequencing for efforts that require coordinated action across security, infrastructure, SRE, cloud, and application teams.
• Synthesize cross-team intelligence — bring insights from partner engagements and organizational priorities back to the engineering team to inform and influence platform strategy and roadmap direction.
• Partner with the platform architect and engineering managers to ensure the team's technical direction — defense-in-depth strategy, threat coverage, and platform evolution across on-premises and cloud environments (GCP, AWS) — reflects real-world security needs.
• Contribute to technical design reviews and security architecture discussions, bringing the external perspective of partner team requirements and cross-organizational constraints.
• Assess gaps in cross-organizational security coverage; proactively recommend solutions and drive remediation in partnership with the engineering team.
• Translate complex perimeter security concepts into clear, compelling narratives for audiences ranging from engineers to senior leadership.
• Mentor and elevate team members in security domain knowledge, cross-functional engagement, and stakeholder communication.

Minimum Qualifications

• Bachelor's degree in Computer Science, Computer Engineering, Cybersecurity, or equivalent technical discipline.
• 12+ years of experience in security engineering or security architecture, with a strong hands-on technical foundation.
• Deep expertise in perimeter and network security — WAF design, DDoS mitigation strategies, bot detection techniques, TLS/mTLS, TCP/IP, HTTP/HTTPS, and DNS security.
• Strong understanding of proxy technologies (NGINX, Envoy, HAProxy) across edge, origin, service mesh, and API gateway tiers — including how security controls are implemented and enforced at the proxy layer.
• Experience with security policy enforcement and configuration management across distributed infrastructure at scale.
• Familiarity with systems that span on-premises data centers and public cloud environments (GCP, AWS).
• Proven experience representing a security team as a domain authority — in architecture reviews, security forums, executive briefings, and cross-organizational planning.
• Experience working directly with application and infrastructure teams to understand their traffic and security requirements and design integrated solutions.
• Ability to communicate complex security topics with equal clarity to engineers and senior leadership.
• Track record of influencing security direction and outcomes across organizational boundaries without direct management authority.
• Excellent written and verbal communication skills.

Preferred Qualifications

• * M.S. in Computer Science, Computer Engineering, Cybersecurity, or Information Security.
• * Experience with proxy engine internals — C, C++, Lua, or WASM-based customization of NGINX, Envoy, or similar engines for implementing security controls in the runtime data path.
• * Experience with L4/L7 proxy architectures, protocol-level security, and load balancing strategies.
• * Understanding of orchestration/control plane systems for security policy distribution and lifecycle management at fleet scale.
• Familiarity with OWASP threat models, CVE analysis, threat landscape trends, and security incident response from an engineering perspective.
• Experience with service mesh architectures (Istio, Envoy-based), API & AI security gateway patterns, and containerization (Kubernetes, Docker).
• Knowledge of real-time threat intelligence distribution and event-driven security telemetry at scale.
• Recognized contributions to the security community — conference talks, published research, open-source contributions, or patents.

Pay & Benefits

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $257,400 and $386,300, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits.

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.

Apple accepts applications to this posting on an ongoing basis.

Submit Resume

Back to search results

See all roles in Sunnyvale

For more details click Job Post.