Job Details

Weekly Hours: 40

Role Number: 200619741-3337

Summary

We are the Apple Service Engineering (ASE) Security team. We are the team that secures the systems and infrastructure that fuel Apple’s services (such as iCloud, Apple Music, Apple Fitness, and Apple TV). We are the foundation on which Apple’s software developers build the products that our customers love.

The ASE Security team is looking for an experienced security professional to lead its Vulnerability Management function. In this role, you’ll be responsible for rapidly investigating, assessing, and mitigating security issues while driving clear, proactive communication throughout the vulnerability management lifecycle. The ideal candidate brings a strong technical foundation in vulnerability management with deep expertise in incident response.

Description

As part of our team, you’ll work with highly skilled security professionals passionate about identifying, assessing, and mitigating security risks. This role is central to the controls that protect Apple’s customers, data, and brand. You’ll have the opportunity to build security processes and technology with a truly global impact.

Minimum Qualifications

• 7+ years of experience in Information Security with a focus on incident response, security engineering, or intrusion detection.

• Deep understanding of threat modeling, operational threat intelligence, and common attack vectors and frameworks.

• Strong knowledge of system and network hardening practices.

• Exceptional analytical and investigative skills, with hands-on experience in root cause analysis.

• Experience applying AI/ML techniques to analyze CVEs and prioritize high-risk vulnerabilities.

• In-depth knowledge of macOS, Linux, or Windows operating systems and distributed systems design.

• Expertise in analyzing endpoint, network, and application logs at scale.

• Scripting and/or software development experience.

• Demonstrated ability to design, document, and implement new security processes

Preferred Qualifications

• B.S. in Computer Science, Engineering, or equivalent technical field—or equivalent practical experience.

• Security certifications such as OSCP, GIAC, or CCNP/CCIE are a plus.

• Experience with enterprise log collection and analysis platforms (e.g., Splunk, OSQuery).

• Strong grasp of core information security concepts and terminology.

• Understanding of exploit development and conditions required to trigger different vulnerability types.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf) .