AIS - Sr. Vulnerability Management Operations Engineer
People at Apple don’t just build products; they craft the kind of experience that has revolutionized entire industries. The diverse collection of our people and their ideas inspire innovation in everything we do. Imagine what you could do here! Join Apple, and help us leave the world better than we found it. Apple is seeking an exceptional Senior Security Engineer to support our vulnerability management program in London, UK. This is a technical, research-oriented, and hands-on role in a dynamic and fast-paced environment. You’ll be working with various applications and systems to analyze and report vulnerabilities, drive remediations, and improve our current processes.
Description
We need someone who passionately stays up to date on emerging security vulnerabilities and threats, keeps a cool head during crises, and advocates every single day for improving the security of Apple products and services. Members of our team not only have a strong technical background but also an insatiable curiosity about network, system, and web security. We thrive with incomplete information and always adapt to changing priorities. Specific responsibilities on the team include:
1. Review and strategize vulnerability management for application and business teams across Apple.
2. Review proof of concept and analysis toward new vulnerabilities and assess their criticality to Apple.
3. Author clear, authoritative responses to vulnerability inquiries.
4. Provide guidance to engineering teams regarding the impact and remediation of security risks.
5. Utilize programming languages to analyze big data telemetry related to systems and applications to extract key information for vulnerability impact analysis.
Minimum Qualifications
* Excellent knowledge of common security vulnerabilities, scanning tools, and the ability to judge their severity and impact on the business.
* Software development experience with either Python, Go, Rust, and/or Bash scripting.
* Strong penetration testing skills, primarily focusing on network and web applications and security research.
* Requirement for on-call rotation, which includes weekends.
Preferred Qualifications
* Knowledge of the security research community.
* Strong critical thinking skills and ability to solve logic/algorithmic problems.
* Develop proof of concepts for new 0-day vulnerabilities.
* Ability to track and lead numerous projects concurrently.
* Knowledge of Databricks.
* Work with project management to drive security issues to closure.
* Degree in Computer Science or other technical field and demonstrated ability in information security or a related field.
#J-18808-Ljbffr