Senior Security Compliance Engineer, Apple Services Engineering (ASE)

Summary

Posted: Nov 12, 2024
Weekly Hours: 5
Role Number:200578725

Imagine what you could do here. At Apple, new ideas quickly become great products, services, and customer experiences. Bring passion and dedication to your job and there’s no telling what you could accomplish. As a key member of our Apple Services Engineering (ASE) Compliance organization, you will help uphold Apple’s high security standards, as well as enable us to grow our products, services and infrastructure. You will help build and grow a global cloud services governance, risk management and compliance program, all in support of ensuring we meet our legal and regulatory obligations while safeguarding the systems that millions of our users rely on every day. You will collaborate with engineering leaders at many levels, developers, quality engineers, and compliance & security teams across Apple to institute the controls vital for the program. You will partner with application security, platform security, SRE, central security and compliance groups at Apple to craft and roll out controls and processes and conduct gap assessments across ASE which may cover areas like iCloud, Cloud infrastructure, as well as media products.

Description

You will be responsible for supporting dozens of key, ongoing compliance projects including preparation of regulatory materials, management of documentation, creation of presentations, and coordination of cross-functional activity. This role is well suited for detailed-oriented problem solver with people skills. We’re looking for someone who works well in collaborative environments. They must be able to focus on details while keeping in mind the big picture. The ability to work with a wide range of cross-functional employees at every level is a must.

Minimum Qualifications

• 5+ years assessing multiple projects and product and infrastructure security risks and recommending mitigating controls
• 5+ years of security compliance framework experience
• Expertise with security standards such as SOX, PCI-DSS, ISO27K, SOC or NIST (some combination of these is ideal)
• Technical acumen required. Understanding of one or more of the following technologies/focus areas are ideal - cloud, open sourced distributed systems, security
• Great at both collaboration and independent problem solving
• Superb written communication and technical research skills
• Ability to work in a fast-paced dynamic environment and work on multiple unrelated topics in any given week
• Ability to develop relationships and work effectively with different teams at all levels and across functions relative to technical, policy, and business concerns
• Experience working in global organizations with diversified cultural, language and time zone environment
• Ability to resolve conflicts and drive issues to resolution
• Work independently with little or no supervision while maintaining a high level of efficiency
• Bachelor's Degree or equivalent experience preferred.

Preferred Qualifications

• Current CISA, CISSP, CISM, CIPT or other related certifications
• Experience with standards research and contributing to policy reform
• Experience with light scripting, API integrations preferred
• Demonstrated track record of dealing with ambiguity and complexity in achieving and sustaining compliance across technologies at scale

• Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.