Vulnerability Management Engineer

Santa Clara Valley (Cupertino), California, United States
Corporate Functions


Weekly Hours: 40
Role Number:200115678
Apple is seeking an exceptional Information Security Engineer to support our vulnerability management program across all our assets. This is a technical hands-on role in a dynamic and fast-paced environment. You’ll be working with various application and system owners to report vulnerabilities, to drive remediations, and also to improve our current processes.

Key Qualifications

  • Ability to track and manage numerous parallel activities
  • Passionate about keeping our customers data safe
  • Strong written and verbal communication skills
  • Highly collaborative
  • Driven to automate and improve continuously
  • Familiarity with common security vulnerabilities and the ability to judge their severity and impact to the business
  • High standard of ethics
  • Excellent knowledge of large-scale security solutions integration
  • Good knowledge of integrating very large data sets, analyze the data, and present meaningful metrics
  • Knowledge of the security research community is a strong plus
  • Strong understanding of network topology IPV6
  • Very good understanding of vulnerability scanning tools
  • Skills and Experience with either Python, Perl, Shell Scripting
  • Experience in configuring CI processes using Jenkins
  • Experience with SQL and Linux
  • Experience in implementing code quality scanning and reporting using tools like Jenkins, Sonar, Appscan or Fortify
  • Experience on Web Services
  • Experience implementing solutions in the cloud
  • Experience with big data


You will join a team that passionately stays up to date on emerging security vulnerabilities and threats, keeps a cool head in crisis, and advocates every single day for improving the security of Apple products and services. Successful candidates will need to have a good technical background, superb communication skills, and a strong interest in network, system, and web security. The role also requires a strong ability to work with incomplete information and to adapt to changing priorities. Specific responsibilities include: - Strategize vulnerability management for the application and business team - Author clear, authoritative responses to vulnerability queries - Provide guidance to engineering teams regarding the impact of security issues - Work closely with project management to drive issues to closure

Education & Experience

BS in Computer Science, Information Technology, or related field and 5 years experience in information technology or related field within the last 10 years OR 7 years experience in information technology

Additional Requirements