Cyber Risk Remediation Engineer

Seattle, Washington, United States
Corporate Functions

Summary

Posted:
Weekly Hours: 40
Role Number:200148998
This position can be located in Seattle (WA), Austin (TX), or Boulder (CO). The Supplier Security Remediation and Intelligence function is responsible for identifying trends in third-party security assessment findings, driving remediation activities, and maintaining security situational awareness as part of an industry-leading continuous monitoring program at Apple!

Key Qualifications

  • Ability to effectively communicate the risk impact of security controls or vulnerabilities to business partners and third-parties, including technical and non-technical audiences
  • Experience in interpreting information security requirements and applying appropriate risk mitigating controls
  • Ability to analyze security assessment findings to characterize potential threats to the business, including executive leadership
  • Strong project management, communication, and relationship management skills
  • Advanced understanding of networking and security threat intelligence technologies
  • Advanced understanding of common information security controls (e.g. CIS Critical Security Controls)
  • Familiarity with common security vulnerabilities and technical risk assessments
  • Familiarity with vulnerability scanning tools and third-party risk assessment technologies
  • Familiarity with cloud services such as AWS, GCP, and Azure

Description

The Cyber Risk Remediation Engineer will integrate and help drive remediation workflow processes into the third-party security assessment and continuous monitoring programs as part of a world class Supplier Security team at Apple! - Evaluate security issues identified through the assessment process for accuracy and impact to Apple - Ensure partners in the remediation process are held accountable to project timelines - Ensure gaps in mitigation recommendations are clearly and consistently articulated from assessments to remediation - Use commercial security risk and threat intelligence technologies to identify and remediate findings as part of an industry-leading continuous monitoring program - Work multi-functionally with other teams on related security response and threat intelligence efforts

Education & Experience

Bachelor’s Degree or equivalent experience

Additional Requirements

  • Technical Certifications from organizations such as Offensive Security, GIAC, and ISC2 are a plus