View All Jobs 129921

Architect, Perimeter And Network Security, Enterprise Technology Services

Own the perimeter and network security architecture for scalable, secure Apple services
Sunnyvale, California, United States
Expert
$257,400 – 386,300 USD / year
21 hours agoBe an early applicant
Apple

Apple

Designs and sells consumer electronics, software, and digital services, including smartphones, computers, wearables, and media platforms.
214 Similar Jobs at Apple

Architect, Perimeter and Network Security, Enterprise Technology Services

At Apple, new insights often become revolutionary products, services, and customer experiences very quickly. Bring passion and dedication to your job, and there's no telling what you could accomplish. The Emerging Technologies team within IS&T specializes in building forward-looking, extremely scalable systems and solutions in two areas: Information Security and general-purpose, reusable platforms in the space of Integration and Orchestration. The team has a passion for solving challenging problems, exploring new domains, and engineering transformational solutions. We operate with a startup mindset — lean teams, high ownership, and technical leaders who flex across domains to build and scale new capabilities.

Description

The Emerging Technologies team is seeking an industry-recognized Architect to serve as the domain expert for Apple's perimeter and network security platform. You will be the technical authority across the full traffic path — edge proxies, origin/application load balancers, service mesh, and API & AI security gateways — architecting the defenses that protect Apple's services at scale. We are looking for someone who brings deep, proven expertise in perimeter security, threat mitigation, and proxy technologies — a technical leader whose experience and reputation precede them. In this role, you will own the architecture and technical direction of the systems that deliver Apple's security capabilities — WAF protection against OWASP threats, DDoS mitigation, Bot Prevention, TLS termination/origination, real-time threat intelligence, and security policy enforcement across protocols (TCP, UDP, HTTP/HTTPS). These capabilities are powered by L4/L7 proxy runtimes and a Java-based orchestration platform that manages configuration, policy distribution, and lifecycle management at fleet scale. You will define the long-term security architecture vision, drive technically complex initiatives end-to-end, and shape how these systems evolve across on-premises data centers and public cloud environments (GCP, AWS), ensuring Apple's defenses remain resilient, adaptive, and secure as threats and scale grow. This is a deeply technical, hands-on role for a recognized industry expert. You are expected to write code, prototype solutions, lead design efforts, and raise the technical bar for the entire team — not through management authority, but through expertise, influence, and the quality of your work. This role is also deeply cross-functional — you will partner with Apple's security and cloud infrastructure teams to drive a unified security vision, and work directly with application teams across the company to understand their traffic patterns and solve their integrated security needs.

Responsibilities

  • Define and drive the long-term security architecture and roadmap, making critical design decisions on defense-in-depth strategy, threat coverage, scalability, and resilience.
  • Design and architect perimeter security solutions — WAF rule engines, DDoS mitigation, bot detection and prevention, TLS policy management, and real-time threat intelligence distribution at Apple-scale.
  • Own the security architecture across all proxy tiers — edge, origin/application load balancers, service mesh, and API & AI security gateways — and the orchestration/control plane that manages configuration, policy lifecycle, and fleet-wide enforcement.
  • Lead the architecture of security controls across protocols (TCP, UDP, HTTP/HTTPS, TLS), ensuring comprehensive coverage against evolving threat vectors.
  • Drive technical design reviews, author security architecture documents, and establish design standards and patterns that the broader engineering team follows.
  • Bring industry perspective — evaluate emerging threats, security technologies, and defensive approaches; leverage your knowledge to inform strategy and keep Apple's defenses at the forefront.
  • Collaborate with engineering managers, partner teams (security, infrastructure, SRE, product), and leadership to align security architecture with organizational goals.
  • Partner with Apple's security and cloud infrastructure teams to drive a cohesive security vision across perimeter, network, and application layers.
  • Work directly with application teams across Apple to understand their traffic and security requirements, designing integrated solutions that address their specific needs while maintaining platform consistency.
  • Mentor and elevate senior engineers through hands-on design collaboration, code reviews, and technical guidance — acting as a force multiplier for the team.
  • Proactively identify and address security architecture gaps, systemic risks, and technical debt before they become production vulnerabilities.
  • Represent the team's security perspective in cross-organizational architecture forums, security reviews, and industry engagements.

Minimum Qualifications

  • Bachelor's degree in Computer Science, Computer Engineering, or equivalent.
  • 15+ years of hands-on software engineering experience with significant time spent in security architecture or senior technical leadership roles.
  • Expert-level understanding of perimeter and network security: WAF design and rule authoring, DDoS mitigation strategies, bot detection techniques, TLS/mTLS, TCP/IP, HTTP/HTTPS, QUIC, and DNS security.
  • Deep experience with proxy technologies (NGINX, Envoy, HAProxy) across edge, origin, service mesh, and API & AI security gateway tiers — including protocol-level internals, security module/filter architectures, and load balancing strategies. Solid understanding of IP networking fundamentals including BGP and NAT.
  • Experience designing and building orchestration/control plane systems for security policy distribution and configuration management across distributed infrastructure at scale.
  • Proven ability to architect systems that span on-premises and public cloud (GCP, AWS) with high availability, fault tolerance, and security as first-class concerns.
  • Strong proficiency in Java/J2EE for building backend platforms. Ability to write production-quality code and lead by example.
  • Demonstrated track record of driving security architecture strategy and making high-impact design decisions across multiple teams or products.
  • Experience working cross-functionally with security, cloud infrastructure, and application teams to deliver integrated traffic and security solutions.
  • Excellent written and verbal communication skills — ability to produce clear architecture documents and present complex security concepts to diverse audiences, from engineers to executives.

Pay & Benefits

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $257,400 and $386,300, and your base pay will depend on your skills, qualifications, experience, and location. Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits. Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program. Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant . Apple accepts applications to this posting on an ongoing basis. Submit Resume

+ Show Original Job Post
Suggest a correction
























Architect, Perimeter And Network Security, Enterprise Technology Services
Sunnyvale, California, United States
$257,400 – 386,300 USD / year
Support
Apply to job
About Apple
Designs and sells consumer electronics, software, and digital services, including smartphones, computers, wearables, and media platforms.