AMP Platform Security Engineer - Risk, Validation, and Assurance

Santa Clara Valley (Cupertino), California, United States
Software and Services


Role Number:200163374
The Apple Media Products group has an immediate opening for a platform security engineer to drive an assurance strategy that protects AMP’s many endpoints and critical services. This is a hands-on role that will require close collaboration with AMP’s business units and the central information security assurance team to ensure AMP’s most important services are appropriately checked and validated. This position will be responsible for managing key security responsibilities including: - Developing and executing a penetration testing and assurance strategy that is appropriate given AMP’s size and product portfolio. - Building a customized risk classification system that can be used to triage and rate vulnerabilities/threats in the context of AMP’s business - Crafting a process for inventorying and documenting the risk profile for business unit critical systems and services. - Performing threat modeling and risk analysis in collaboration with engineering and SRE teams to identify and evaluate potential risks to AMP products. - Working with amp platform and engineering teams to evaluate the potential risk/exposure associated with significant changes or new features. - Identifying opportunities to reduce risk and improve assurance. This is an opportunity to own and drive a significant portion of the protection strategy of AMP’s critical asset!

Key Qualifications

  • - The ability to reason about risk in a complex, micro service-oriented environment.
  • - Threat modeling experience as a part of a product SDLC process.
  • - Experience working with business units to identify critical assets and define high risk activities around those assets.
  • - Experience managing penetration tests and acting up on the results.
  • - Strong communication and documentation skills.


The Apple Media Product (AMP) group manages a number of high value, high risk business processes that must be effectively protected against attack. The platform security engineer will be responsible for developing an assurance strategy centered around business-specific risks that ultimately reduces the likelihood of security events. This requires collaborating with business units to inventory AMP’s critical assets and workflows to identify areas of security uncertainty and potential risk evaluation. The security engineer will also need to coordinate with Apple’s central security review team to ensure alignment around coverage and areas of focus. This is a great opportunity for someone with a strong product security/penetration test who is interested in working directly in a business unit to reduce business risk and improve product security.

Education & Experience

5+ years of experience in a product security, penetration testing, or security architecture role.

Additional Requirements