Search jobs and placement papers

Security and Compliance Engineer at Apple Inc. (Cupertino, CA)

Apple is seeking an exceptional Security and Compliance Engineer who will be responsible for ensuring Apples continued compliance with WebTrust and operational security for a suite of high security, high availability enterprise application services. The ideal candidate must have demonstrated understanding of general IT controls and have a strong grasp of security concepts. The individual must be able to quickly understand the essence of multiple new technical concepts and identify potential control weaknesses, breakdowns, and new risk areas.

Key Qualifications:
5+ years of experience in security and compliance with 3+ years of experience in the Big 4 focusing on WebTrust, PCI, SOX, privacy, and other security related audits
Expertise related to implementing and evaluating PKI compliance requirements for WebTrust for CA, WebTrust for SSL Baseline, and WebTrust for EV SSL Baseline
Experience writing policy documentation specifically Certificate Policies (CP) and Certification Practice Statements (CPS)
Experience analyzing datasets to draw meaningful conclusions that may impact security standards
Experience assessing effectiveness of operating system (Linux, Unix) and network-related security controls
Able to clearly communicate risk to high level management and other key stakeholders
Strong security awareness
Strong knowledge of PKI concepts
Comfortable working independently with limited supervision
Understanding of cryptography a plus
Experience with basic scripting (i.e., bash, perl, python) and a database query language, such as SQL, a plus
Experience with Splunk a plus

The successful candidate will be highly self-motivated with a passion for excellence, quality, and attention to detail. The Security and Compliance Engineer will work closely with teams throughout Apple, to ensure Apples ongoing compliance with WebTrust and other security-related audits.

Responsibilities of this role include the following:
Lead teams across the organization to implement security controls and processes.
Liaise with external auditors to facilitate smooth and efficient assessments.
Design and perform periodic testing to ensure continued audit compliance.
Monitor evolving industry standards and requirements, such as CA/B Forum and WebTrust, and recommend the best course of action for Apple.
Assess environment risk on a periodic basis and develop new processes and procedures to increase efficiency and effectiveness.
Advise on security best practices.
Collaborate with stakeholders such as Legal and Engineering to write Certificate Policies (CP) and Certification Practice Statements (CPS).
CISA or CISSP certification a plus.

BS/MS in Computer Science, Management Information Systems, or Business Administration preferred.

Apple is an Equal Employment Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities.

by via developer jobs - Stack Overflow


No comments:

Post a Comment