AIS - Sr. Vulnerability Management Operations Engineer

Summary

Posted: Oct 11, 2024

Role Number:200572210

People at Apple don’t just build products they craft the kind of experience that have revolutionised entire industries. The diverse collection of our people and their ideas inspire innovation in everything we do. Imagine what you could do here! Join Apple, and help us leave the world better than we found it. Apple is seeking an exceptional Senior Security Engineer to support our vulnerability management program in London, UK. This is a technical, research-oriented and hands-on role in a dynamic and fast-paced environment. You’ll be working with various applications and systems to analyze and report vulnerabilities, to drive remediations, and also to improve our current processes.

Description

We need someone who passionately stays up to date on emerging security vulnerabilities and threats, keeps a cool head during crises, and advocates every single day for improving the security of Apple products and services. Members of our team not only have a strong technical background, but also an insatiable curiosity about network, system, and web security. We thrive with incomplete information and always adapt to changing priorities. Specific responsibilities on the team include: - Review and strategize vulnerability management for application and business teams across Apple. - Review proof of concept and analysis toward new vulnerabilities and assess the criticality of them to Apple - Author clear, authoritative responses to vulnerability inquiries. - Provide guidance to engineering teams regarding the impact and remediation of security risks. - Utilise programming language to analyze big data telemetry related to systems and applications to extract key information for vulnerability impact analysis.

Minimum Qualifications

• Excellent knowledge with common security vulnerabilities, scanning tools and the ability to judge their severity and impact to the business
• Software development experience with either Python, Go, Rust, and/or Bash scripting
• Strong penetration testing skills, primary focusing on network and web applications and security research.
• Requirement for on-call rotation, which includes weekends

Preferred Qualifications

• Knowledge of the security research community
• Strong critical thinking skills and ability to solve logic/algorithmic problems.
• Develop proof of concepts for new 0-day vulnerabilities.
• Ability to track and lead numerous projects concurrently.
• Knowledge of Databricks
• Work with project management to drive security issues to closure.
• Degree in Computer Science or other technical field and demonstrated ability in information security or related field