| Location | |
| Country: | United States |
| State/Prov: | California |
| City: | Cupertino |
| Position | |
| Position/Title: | Security Engineer |
| Position Type: | Permanent F/T |
| Closing Date: | 2008-11-07 |
| Job Description: |
Apple is seeking an exceptional Information Security expert to join a world-class information security team. This is a highly technical, hands-on role in a dynamic and fast paced environment. The candidate will need to have a good mixture of deep technical know-how as well as a background in higher level information security concepts e.g. ISO 17799, risk assessment methodologies etc. Responsibilities of this position include: • Responding to IT threats and vulnerabilities and bring these issues to resolution. • Routinely conducting security risk assessments evaluating business requirements against impact, vulnerabilities and identifying the resulting risks. • Supporting the global IT Security infrastructure. • Participating in project meetings and performing security design reviews - from high level application architecture to configuration of OS level parameters to meet security goals. • Serves as an active member of the Information Security Incident Response Team (SIRT) and participates in incident response efforts. • Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as to other groups within Apple. • Security consulting to application development teams. • Security technology assessments. |
| Job Requirements: |
Requirements include: • A strong ability to multi-task and manage varying priorities. • Excellent verbal and written communication skills and high attention to detail. • The ability to analyze complex problems, quickly develop creative solutions, and adapt to a fast paced environment. • Ability to effectively work across multiple groups within Apple • Proficiency in networking concepts such as setting up VLANs, basic routing/switching • Strong knowledge of scripting languages (PERL, PHP, Shell). • Background in secure coding best practices and code auditing a plus. • Familiar with vulnerability management solutions to highlight errors in system/network/application and database configuration. • Proficiency in either Mac OS X or other flavors of UNIX, firewalls/VPNs, IDS, NIDS/HIDS, protocol analyzers, and vulnerability scanners. • Experience performing packet analysis or system forensics e.g. be able to decipher tcpdump output to identify required ports, necessary protocols, who initiates the connections and when ephemeral ports are used. • Familiarity with network and application penetration testing, buffer overflows, SQL injections, and other advanced hacking techniques. • Experience performing web application penetration testing a plus - must include manual testing. • Familiarity with data center operations a plus • Familiarity with ISO standards such as 17799, 27001, NIST standards and/or PCI a plus. Position requires a BS in Computer Science or 4+ years of equivalent, hands-on information security experience in large enterprise environments. |
| Contact Information | |
| Contact Directions: |
Candidates currently limited to US residents. Please send a resume via e-mail (PDF preferred). http://jobs.apple.com/index.ajs?BID=1&method=mExternal.showJob&RID=28542 |
| Company: | Apple Inc |
| First Name: | Dylan |
| Last Name: | Ryder-Loomis |
| Title: | |
| Email: | dylanrl (at) apple (dot) com [email concealed] |
