Senior Compliance Engineer

United States
Software and Services

Summary

Posted:
Weekly Hours: 40
Role Number:200380601
Imagine what you could do here. At Apple, new ideas quickly become great products, services, and customer experiences. Bring passion and dedication to your job and there’s no telling what you could accomplish! The ACS Security and Privacy Compliance team has their first opening on a newly created team! We are in search of a Senior Compliance Engineer. As a Senior Compliance Engineer, you will help build and grow a global cloud services governance, risk management and compliance program, ensuring we meet our legal and regulatory obligations, while safeguarding the systems that millions of our users rely on every day. You will collaborate with engineering leaders, developers, quality engineers, and privacy & security teams to institute controls vital for the program. You will partner with application security, platform security, SRE, central security and privacy groups at Apple to craft and roll out controls and processes for Apple Cloud Services.

Key Qualifications

  • 5+ years in product security, security engineering, and/or security and privacy compliance
  • Basic coding experience and highly comfortable with scripting and building API integrations
  • Highly focused on embedding automation into key processes
  • Technical acumen required. Understanding of one or more of the following technologies/focus areas are ideal - Cloud technologies, infrastructure, build and deployment systems, open sourced distributed systems, security, privacy
  • Expertise with security and privacy standards such as GDPR/CCPA,SOX, SOC1/2, PCI, HIPPA/Hitrust, ISO27001/27018, or NIST (some combination of these is ideal)
  • Great at both collaboration and independent problem solving
  • Superb written communication and technical research skills
  • Ability to work in a fast-paced dynamic environment and work on multiple unrelated topics in any given week
  • Current CISA, CISSP, CISM, CIPP, CIPM, CIPT or other related certifications preferred
  • Ability to develop relationships and work effectively with different teams at all levels and across functions relative to technical, policy, and business concerns
  • Experience working in global organizations with diversified cultural, language and time zone environment
  • Ability to resolve conflicts and drive issues to resolution
  • Work independently with little or no supervision while maintaining a high level of efficiency

Description

You will work across Apple Cloud Services and participate in discussions on the technical implementation of applicable compliance requirements. In collaboration with technical experts and legal counsel, you will analyze existing systems and processes against applicable compliance requirements and architect changes when needed to improve compliance with the Regulation. RESPONSIBILITIES WILL INCLUDE: Partner with engineering teams to help them develop, test, and evaluate compliance automation and tooling that will enhance our compliance posture and ability to comply with emerging requirements. Solve common control challenges around access management, change management, configurations, and more. Conduct compliance gap assessments for Apple Cloud products and services. Provide mentorship and support product and engineering teams on how to achieve compliance Recommend controls required to mitigate security and privacy risks found in assessments during engineering design, implementation, and production support. Establish continuous monitoring for effectively tracking and managing security and privacy controls. Support and enable security and privacy awareness training program(s). Identify and implement opportunities to improve our ability to measure and report on risk management. Effectively integrate compliance risk/context and technical knowledge to address complex problems. Contribute to the development of multi-year strategies for compliance within ACS and support readouts of our program to leadership and partners.

Education & Experience

The ideal candidate will have at least 5 years of relevant industry experience. A computer science or engineering degree is helpful, but not required.

Additional Requirements

  • Apple is an Equal Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants.
  • Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law.
  • Apple's committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities.