Security Engineer, Engineering Solutions

Apple Inc. Austin , TX 78719

Posted 1 week ago

The Engineering Solutions team is tasked with building components and applications for both internal use as well as external customer use. This position will be responsible for implementing standardized security practices across the varied teams that are part of this IS&T division. We are looking for an individual with a background in Security, especially running security programs, project management abilities and application security. The position will require multi-functional engagement with the Apple Information Security teams, excellent influencing abilities and interpersonal skills.

Key Qualifications

  • 3+ years of experiences in security fields, including web applications testing and threat modeling.

  • Lead security projects by setting priorities and measurable objectives, multi-functional dependencies, planning, scheduling, communication, implementation, and subsequent monitoring and reporting on the process, progress and results.

  • Extensive hands on experiences with security tools like Nessus, Fortify, Webinspect, Checkmarx, Burp etc.

  • Strong knowledge in current security threats, trends, and mitigation.

  • Passion for discovering and researching new vulnerabilities and exploitation techniques.

  • Passionate about securing Apple's products & customers.

  • Excellent at collaborations, influencing and creating a strong team environment. Effective time management and prioritization skills.

  • Strong communication skills both verbal and in writing

  • Able to discuss risk assessments with audiences of various technical & business backgrounds. Demonstrated ability to work in a matrix environment, and ability to influence at all levels. Comfortable with fast-paced, schedule driven development

  • Experience integrating security practices into product focused engineering teams

  • Ability to identify gaps in security focused tooling & lead a peer group through project planning, scheduling, and execution.

  • Programming skills in Java, Objective C or similar languages a plus

  • Ability to explain security concepts and standard methodologies in order to participate in application architecture reviews.

  • Ambitious and proactive with demonstrated creative and critical thinking capabilities.

Description

You will participate in multi-functional work teams with Apple Information Security, Legal, HR, and Operations to understand new initiatives and changes in PCI/PII/SOX policies, which will need to be integrated into our workflows. Assist in the review of vulnerabilities found during regular scanning and penetration testing with application/infrastructure owners. Report to management on ongoing status of the projects, and serve as advocate of recommended remediation to mitigate risk to other teams within the organization. Work on org vulnerability management to help teams understand security vulnerabilities, to perform risk analysis and prioritize to schedule patching activities, collaborate with other teams to establish security protocols.

Work with application engineering, infrastructure, AIS and corporate compliance teams to evaluate risks of our applications

Run projects across multiple teams to make sure the applications go through security reviews. Extend the utilization of security testing team to all application teams under Engineering Solutions, and track the effectiveness of their work against the results of the formal reviews. Conduct application security testing and source code auditing for a variety of technologies as needed.

Work with compliance and internal audit teams to help application teams through regulatory audit, and track compliance and vulnerability management tickets to have them closed before deadline.

Provide clear and detailed risk assessment and remediation guidelines for developers and business owners. Report underlying security issues and propose enhanced security protections.

Work on information security related projects, compliance auditing and any new security related initiatives.

Identify process gaps, and opportunities for automation to reduce the weak points in the notification and tracking processes.

Education & Experience

Bachelor's degree(B.S) or Masters (M.S) in Computer Science, Engineering or related field with 2 years experience

Additional Requirements

  • Security research on the latest best practices, trends, threats, vulnerabilities, and technology frameworks.

  • Documenting and disseminating security guidelines for common security issues, remediation guidance, and security technology baselines

  • Developing tools and exploits to support application security review and/or penetration testing. Work multi-functionally with teams providing security consulting services and driving new security initiatives.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Manager Google Cloud Technical Solutions Engineering

Google Inc.

Posted 4 days ago

VIEW JOBS 12/4/2019 12:00:00 AM 2020-03-03T00:00 The Google Cloud team helps companies seamlessly make the switch to Google products and supports them along the way. You swiftly problem-solve technical issues for customers to show how our products can make businesses more productive, collaborative, and innovative. You work closely with a cross-functional team of web developers and systems administrators, not to mention a variety of both regional and international customers. Your relationships with customers are crucial in helping Google grow its Google Cloud business and in bringing our product portfolio into companies around the world. As a Manager of Google Cloud Technical Solutions Engineers, you'll develop team members into skilled troubleshooting experts and cross-functional leaders who not only diagnose a wide variety of G Suite problems within minutes, but also treat each problem as an input for product innovation. You'll be a part of a global team that provides 24x7 support to help customers seamlessly make the switch to Google Cloud. When customers cannot resolve issues themselves, your job is to ensure that we have the necessary tools and processes to swiftly resolve the issue with as little customer effort as possible. You'll build relationships with leaders in G Suite Software Engineering, Product Management and Site Reliability Engineering which will allow you to increase instrumentation and supportability on the platform, increase the product suite's self help capabilities. You're expected to become a trusted source of data-supported customer feedback. You'll lead excellent operations within the team, with a focus on reliable execution. You will also lead a functional area across the global team. Google Cloud helps millions of employees and organizations empower their employees, serve their customers, and build what's next for their business — all with technology built in the cloud. Our products are engineered for security, reliability and scalability, running the full stack from infrastructure to applications to devices and hardware. And our teams are dedicated to helping our customers and developers see the benefits of our technology come to life. Minimum qualifications: * Bachelor's degree in Computer Science, related technical field, or equivalent practical experience. * 5 years of experience in technical support engineering or similar role. * 1 year of experience leading a technical, customer-facing team (team lead or manager). Preferred qualifications: * Experience with managing hosted services/SaaS and/or ability to analyze and trace product behavior back to the responsible code. * Experience implementing, troubleshooting, and supporting Internet-based applications, web servers, data storage, commerce engines, and Linux/Unix operating systems. * Understanding of networking, web and/or mail-related standards (DNS, DHCP, TCP/IP, SMTP, HTTP, XML), and web security mechanisms. * Software development leadership skills. * Ability to interact directly with customer executives and resolve high-profile escalations/issues, improve customer experience and drive initiatives that increase the customer success on our product suite. * Excellent strategic thinking, and creative problem-solving skills and analytical mindset. * Lead a team of engineers who deliver technical support to our global team and administrators of the G Suite services and APIs. * Develop the vision, goals and priorities and work alongside the team to accomplish them. Ensure high-quality customer service, enhance the operations, and develop the team's technical skills and instrumentation on an ongoing basis. * Partner with Product Management and Engineering to advocate for customers with data-driven approach. Break down customer issues into meaningful areas for innovation in the overall product, recognize trends in customer feedback, and escalate product problems and operational issues within Google. * Engage with Software Engineering, Product Management and Site Reliability Engineering to manage production incidents in real time. * Work with local Sales and Operations teams to track and develop the operational program performance. Google Inc. Austin TX

Security Engineer, Engineering Solutions

Apple Inc.