Senior Security Engineer- Product Engineering Systems

Cupertino, CA
  • Job Code
    200122600
Summary

Summary

Posted: Nov 22, 2019

Weekly Hours: 40

Role Number: 200122600

Responsible for security of internal and customer facing applications, company infrastructure, and connected 3rd party vendors
Ensure secure configuration and operation of cloud networks, load balancers and firewalls (Cloud armor, WAF, etc)
Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats
Assist in design of enhancements to the cloud security strategy by identifying and alerting on appropriate event types
Experience with securing Active Directory/LDAP, Linux, as well as containerized applications
Identify, evaluate, and conduct proof-of-concepts for new technologies, enabling secure development of core architectural components
Develop business relationships and integrate security activities with other departments to ensure successful implementation and support security project efforts
Mentor security analyst, and information technology organization in understanding and adhering to cloud architecture design standards and guidelines. Promote exchange of knowledge within the technical communities
Automate processes and procedures to create a highly resilient security infrastructure
Implement and make recommendations based on threat assessments at the network, server, and endpoint levels
Involved in Threat Hunting exercises and take a purple team approach to security in the environment
Assist in performing investigations of anomalous activity and creating actionable reports to senior management
Partner with our internal InfoSec team and be the primary engineering contact related to all things' security
Own and manage our security vulnerability monitoring and intrusion detection systems. Assure we are aggressively fixing issues raised
Develop internal tooling for automatic deployment of security patches to our production infrastructure
Build out, test and maintain disaster recovery solutions
Architect and implement solutions necessary to address security audits and compliance efforts
Work with external security testing vendors to coordinate pen testing of our platform and network. Coordinate any necessary fixes with the engineering team
Work closely with the applications and infrastructure engineering teams to ensure we are considering security when architecting and building new systems. Ensure that security
solutions are architected with developer velocity and efficiency in mind. Identify and develop tools to aid this process
Develop tools to automate the ongoing security auditing of IAM permissions and other AWS configurations
Participate in an on-call rotation with engineering team

Key Qualifications

  • 5 years in a Senior Dev Sec Ops engineering role

Description

Crafting and validating security standards, policies, and solutions that align with the dynamic and agile nature of Platform/Containerization environments
Performing security evaluations of Containerization technologies to understand the capabilities of the services and hence the security controls that may be required and/or recommended for secure use of the service
Developing governance models for container-based solutions
Experiences in security fields, including web applications testing and threat modelling
Practical experience of integrating and automating security checks into CI/CD pipeline, including but not limited to:
git repo pull and merge controls and SAST platforms such as Sonarqube, Checkmarx
Container Security, Dynamic, Application Scanning, Third party Vulnerability Scanning, etc) with 100% coverage of all deployment/build pipelines
Build new tools and extend existing tools to bridge gaps in existing tools, using technologies like Machine Learning
Design and implementation of automated active testing of security controls
Experience turning feedback from security analysis tools (Threat Stack, Amazon Inspector, etc) into infrastructure improvements
Passionate about high-quality of work and continuous improvement
Passion for solving meaningful problems and iterating quickly-Excellent organizational and analytical skills
We're looking for a hardworking and passionate person to join this amazing team, if you feel this is you, we'd love to hear from you

Education & Experience

Bachelors degree in computer science engineering

Additional Requirements

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Senior Security Engineer- Product Engineering Systems

Apple, Inc.
Cupertino, CA

Join us to start saving your Favorite Jobs!

Sign In Create Account