Information Systems Cybersecurity Engineer, Enterprise Systems
Culver City, California, United States
Software and Services
The people here at Apple don’t just build products — we craft the kind of wonder that’s revolutionized entire industries! It’s the diversity of those people and their ideas that supports the innovation that runs through everything we do, from amazing technology to industry-leading environmental efforts. Join Apple and help us leave the world better than we found it. As a part of Apple's Information Systems & Technology team, the Cybersecurity Engineer will design and deliver solutions that improve the security, privacy, and compliance of one of the world’s largest and most powerful SAP environments. You are someone eager to apply your deep security expertise to a sophisticated landscape and leave a legacy of powerful transformation that will enable Apple’s worldwide operations for years to come.
- Outstanding ethical standards and integrity
- Highly reciprocal and excellent communicator (written & verbal)
- Passionate about security and privacy research, technologies, and methods
- Motivated by difficult and novel problems in a highly-complex, ground-breaking environment
- Familiarity with tools and threat models for sophisticated landscapes and operating environments
- Proficient in building security toolchains and scripting own automations
- Proficient in conducting solution architecture security design reviews
- Experienced in designing offensive security test cases and performing manual & automated attack simulations to test control effectiveness
You will be a technical security authority responsible for testing the security and integrity of services that enable Apple’s Treasury and Global Supply Chain! You will work with engineers, project teams, and business liaisons to perform effective analysis and detailed understanding of the operating environment at the technical level, and gain an understanding of the business value-at-risk. You will threat model existing and proposed environmental changes, identify security vulnerabilities, and document recommended security enhancements to ensure that security, privacy, and compliance goals are met. You will design and perform security penetration tests on various Enterprise System platforms to simulate probable attack patterns, in order to validate control effectiveness. You will share the results of your work with developers, engineers, and project teams and promote changes vital to improve our risk posture.
Education & Experience
Bachelors or Masters/PhD in Computer Science or Engineering with an emphasis in Computer Security or a related field, or equivalent experience.
- - Possess an understanding of past and emerging security exploits, threat actor motivations, and trends
- - Understanding of cloud technologies, security compliance frameworks, security engineering, software delivery, and SDLC in a hybrid environment.
- - 6+ years of experience working with engineering teams to build and deliver secure environments, with 2+ Years of adversary simulation testing experience with a variety of tools and techniques
- - Desirable Certifications: GPEN, GEVA, GWAPT, GCPN, GXPN, GPYC