Job
Description
Role Overview: Imagine what you could accomplish by joining Apple's B2B team as a Sr. Security Engineer. At Apple, new ideas quickly become groundbreaking products and services. The team manages critical integrations with supply chain partners and business customers. As a Sr. Security Engineer, you will contribute to the development, implementation, and maintenance of security measures within the B2B platforms. This role offers a great opportunity for professional growth in the cybersecurity field. Key Responsibilities: - Code Reviews: Collaborate with application development teams to review code for security issues and ensure secure coding standards and best practices. Utilize static and dynamic analysis tools to assess the security posture of software code. - Security Assessments and Threat Modeling: Conduct threat modeling exercises to identify potential security risks in applications. Prioritize and address security concerns based on threat assessments. - Security Tooling: Utilize various security tools and technologies to automate security testing. - Incident Response: Assist in responding to security incidents, conducting investigations, and implementing corrective actions. Improve incident detection and response capabilities. - Security Awareness: Contribute to security awareness training for software development teams. Stay updated on the latest security trends, vulnerabilities, and industry best practices. Ensure applications follow relevant compliance standards such as PCI, SOX, PII, GDPR. - Analytical and Automation Mindset: Address complex security challenges with strong analytical skills. An automation mindset is valued to automate security processes for efficiency and proactive threat detection. Qualifications Required: - Bachelor or Masters in Computer Science or related discipline. - Programming/scripting skills and ability to read and audit various programming languages (Java, JavaScript, Python, etc.). - Practical experience integrating and automating security checks into CI/CD pipeline. Conduct penetration testing against various technologies. - Strong knowledge of network security, encryption protocols, access control, and identity management. - Ability to conduct security assessments, vulnerability scans, and penetration tests. - Hands-on experience in security technologies and tools, including SAST, IAST, and DAST. - Experience with cloud security principles, container security, security incident response, and root cause analysis. - Knowledge of software development lifecycle (SDLC) security practices. - Experience with security audits, compliance assessments, and remediation efforts. - Relevant certifications such as CISSP, CISM, CEH, or CompTIA Security+ are desirable. Apple is an Equal Opportunity Employer committed to inclusion and diversity. The company takes affirmative action to provide employment opportunities to all applicants. Individuals with disabilities are provided reasonable accommodation during the job application process and employment. If you are a talented and passionate individual looking to contribute to innovative cybersecurity solutions at Apple, we would love to hear from you. Submit your CV to apply for the Sr. Security Engineer position. Role Overview: Imagine what you could accomplish by joining Apple's B2B team as a Sr. Security Engineer. At Apple, new ideas quickly become groundbreaking products and services. The team manages critical integrations with supply chain partners and business customers. As a Sr. Security Engineer, you will contribute to the development, implementation, and maintenance of security measures within the B2B platforms. This role offers a great opportunity for professional growth in the cybersecurity field. Key Responsibilities: - Code Reviews: Collaborate with application development teams to review code for security issues and ensure secure coding standards and best practices. Utilize static and dynamic analysis tools to assess the security posture of software code. - Security Assessments and Threat Modeling: Conduct threat modeling exercises to identify potential security risks in applications. Prioritize and address security concerns based on threat assessments. - Security Tooling: Utilize various security tools and technologies to automate security testing. - Incident Response: Assist in responding to security incidents, conducting investigations, and implementing corrective actions. Improve incident detection and response capabilities. - Security Awareness: Contribute to security awareness training for software development teams. Stay updated on the latest security trends, vulnerabilities, and industry best practices. Ensure applications follow relevant compliance standards such as PCI, SOX, PII, GDPR. - Analytical and Automation Mindset: Address complex security challenges with strong analytical skills. An automation mindset is valued to automate security processes for efficiency and proactive threat detection. Qualificat
