Job Details

Role Number: 200643791-3337

Summary

Imagine what you can do here. Apple is a place where extraordinary people gather to do their lives best work. Together we create products and experiences people once couldn’t have imagined, and now, can’t imagine living without. It’s the diversity of those people and their ideas that inspires the innovation that runs through everything we do.

Description

APPLE INC has the following available in Seattle, Washington. Responsible for the security of Apple's internet-facing services and backend infrastructure. Identify areas that are ripe for improvement and establishing appropriate security goals. Conduct third-party cloud service security reviews to ensure that any team at Apple using third-party cloud is secure by default. Provide security requirements to engineering teams developing infrastructure and platform services. Perform application security assessments of customer-facing features and deliver security guidance. Provide secure software development life cycle guidance to engineering teams and platform owns to ensure that software is developed securely. Engage with engineering teams to provide security consultation services to ensure the security of software and infrastructure. Perform security verification reviews to ensure that developed software is built per the secure design specifications. Stay current on new security technologies, vulnerabilities, and methodologies. Develop proof of concept systems to automate security recommendations, vulnerability discovery, and process workflows. Drive security review efficiency and prioritize high-value security team engagement. 40 hours/week. At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $212,202 - $258,100/yr and your base pay will depend on your skills, qualifications, experience, and location.

PAY & BENEFITS: Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits: https://www.apple.com/careers/us/benefits.html.
Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

Minimum Qualifications

• Master’s degree or foreign equivalent in Computer Science or a related field and 5 years of experience in the job offered or related occupation.

• 4 years of experience with each of the following skills is required:

• Utilizing Java, Python, and JavaScript skills to conduct code review to identify security vulnerabilities

• Using financial frameworks, including PCI, and providing design principles on how to secure these environments

• Securing software supply chain and mono-repos by writing software tooling to identify vulnerable 3rd party software libraries

• Writing tooling to detect software misconfigurations and integrating these tools with Git and Jenkins

• Securing software and infrastructure for handling privacy sensitive data such as Personal Identifiable Information (PII) or Protected Health Information (PHI) and providing written guidance

• Securing machine learning infrastructure for privacy sensitive data processing by providing engineering guidance and design principles

• Utilizing threat modeling methodologies including STRIDE and applying the methodology to large scale cloud services infrastructure and delivering written reports with findings

• Developing secure by default libraries and infrastructure as code templates, and integrating these into the Software Development Life Cycle

• Developing Cloud Security Standards specifically around cryptographic device attestation

• Securing Linux kernel and secure boot to ensure a trusted platform for processing and storing sensitive information

Preferred Qualifications

• N/A

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) .