Vulnerability Management Operations Engineer

Summary

Posted: Feb 4, 2025

Role Number:200589827

Apple is seeking an experienced Vulnerability Management Engineer to join our security team. This will be a technical hands-on role in identifying, assessing, and remediating vulnerabilities across our infrastructure, systems, and applications. You will be working closely with cross-functional teams to ensure the vulnerabilities are identified and mitigated promptly.

Description

Key Qualifications: Excellent knowledge of vulnerability scanning tools. Interpret results and prioritize vulnerabilities based on the risk and impact. Lead efforts to identify, prioritize, and remediate vulnerabilities through process improvements, automation, and collaboration with systems owners. Support compliance engagements across various business units to meet the audit requirements. Provide and author technical guidance for the resolution of reported vulnerabilities. Stay informed about emerging threats, vulnerability management trends, and security tools. Suggest and implement improvements to the vulnerability management program. Experience with creating custom dashboards for reporting actionable recommendations to leadership. Experience with Python, Go, and/or bash scripting. Experience with SQL, Databricks, and Spark programming. Self-starter to support a global team. *Requirement for on-call rotation.

• 3-5 years of experience in vulnerability management or security operations.
• 2-3 years of experience in writing automation using Python, Go, etc.
• Excellent knowledge of Databricks and SQL.
• Experience in cloud environments like AWS, GCP, etc.
• Proficiency with vulnerability scanning and management tools.
• Strong understanding of network security, application security, and cloud security.
• Strong knowledge of compliance requirements (e.g. PCI DSS, ISO27001, SOX, etc.).
• Excellent communication skills with the ability to provide technical information to both technical and non-technical stakeholders.
• Strong analytical and problem-solving skills.
• Bachelor's degrees in Computer Science, Information Security, or a related field.

• Certifications such as OSCP, CISSP, SANS, etc.
• Familiarity with DevSecOps processes.
• Self-motivated with a proactive approach to security and risk management.
• Ability to work under pressure and meet deadlines while tracking multiple parallel activities.
• Strong team player with the ability to collaborate across other teams.
• Attention to detail with an out-of-the-box thinking mindset.

• Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.