Senior Security Engineering Project Manager, Apple Services Engineering (Ase)

Apple Services Engineering (ASE) team is one of the most exciting examples of Apple's long-held passion for combining art and technology! We enable Apple's apps and services, and we do it on an extensive scale, to hundreds of millions of customers in over 35 languages to more than 150 countries. The ASE Security team is seeking an experienced Security Engineering Program Manager to drive internal security engineering functions such as offensive / adversarial security exercises, collaborative design reviews and education, as well as automation and detection. Within ASE you will work with and influence colleagues across Apple to implement new features and ensure security continues to be at the forefront of our software and development processes. You will join a team of technical engineering-focused program managers committed to and passionate about driving forward our security, privacy and compliance technologies. As our work is integral through the entire software stack, you will have the opportunity to work with a wide variety of engineering teams across Apple. We cultivate strong relationships, build trust, and influence without direct authority. We communicate openly and clearly, collaborate enthusiastically, and value a diverse culture of healthy debate.

Do these points resonate with you? If so, we want to talk!

Description

As a Security Engineering Program Manager in ASE, you are both a technical and functional expert in the world of securing enterprise servers and services at scale. This team will work directly with an engineering team to deliver security improvements and creative mitigations and remediation strategies across Apple to exceed our high expectations. This is not a task-based job; we are accountable for delivering secure and performant systems. Partnering with program and engineering leaders and teams, you will influence and drive every aspect of software and hardware development and deployment including definition, design, integration, build, qualification, and release processes; identify release blockers and run the implementation and deployment of remediations to development, QA, and production environments both on premise and in public cloud infrastructure globally. You can expect to partner with engineering and other multi-functional teams to identify opportunities to secure our services and machines, to gather input, then deploy and improve those security controls. You will also work closely with other engineering teams to make security-improving changes to their tools, processes, and workflows.

Minimum Qualifications

• Engineer or Technical Program Management professional or volunteer experience in at least one of the following areas: security review, adversarial and/or collaborative testing, detection and response, incident and/or vulnerability management, education, outreach, or automation of testing, tooling, or remediations.

Preferred Qualifications

• Experience in several of the following areas: Software Security Assurance, Application Security, Threat Modeling, Secure Coding Practices, Vulnerability Assessment, Secure Development Lifecycle (SDLC), Security Requirements Analysis, Secure tunneling protocols (IPSec, TLS, Etc.), Secure Architecture Design, Secure Development Tools and Techniques, Certificate based authentication, encryption, Secure Development Frameworks (e.g., OWASP SAMM), Secure Software Development Methodologies (e.g., Agile, DevSecOps), enterprise server administration and management at scale.

• Ability to dive deep into technical areas, as demonstrated by deep technical expertise in one or more security engineering technology or domain.

• Able to think critically and creatively, identify risks and drive the execution across multiple teams to remediate them.

• Able to focus and simplify, balancing the details with goals, priorities, and trade-offs in mind.

• Outstanding verbal and written communication skills.

• Ability to filter and distill relevant information for the right audience.

• Demonstrated ability to work effectively with and influence multiple collaborators across a highly-matrixed, multi-functional organization.

• Past experience in defining multi-functional processes and completing them successfully.

• Experience working in a security engineering or a technical/engineering program management role.

Education & Experience

Bachelor's/Master's Degree or equivalent work experience in project management or security engineering

Pay & Benefits

• At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $129,600 and $236,300, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses - including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation.