Apple is seeking an exceptional Information Security expert to manage a world-class information security team. This is a highly technical, hands-on role in a dynamic and fast paced environment. The candidate will need to have a good mixture of deep technical know-how as well as a background in higher level information security concepts, risk assessment methodologies etc.
The ideal candidate will have 10+ years experience managing a team of technical security engineers dealing with coordinating efforts in a highly variable environment.
Coordinating the team's efforts to respond to IT threats and vulnerabilities and bring these issues to resolution.
Provide guidance to the team conducting security risk assessments evaluating business requirements against impact, vulnerabilities and identifying the resulting risks.
Participating in project meetings and performing security design reviews - from high level application architecture to configuration of OS level parameters to meet security goals.
Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as to other groups within Apple.
Mentor and guide development of a highly technical team from both a technical and soft skills perspective.
Description
Requirements include:
• Ability to lead a highly technical team focused on the security of Apple's critical customer facing services.
• A strong ability to multi-task and manage varying priorities.
• Excellent verbal and written communication skills and strong interpersonal skills.
• Ability to confidently lead groups to achieve goals through focused attention to detail.
• Ability to effectively work across multiple groups within Apple
• Proficiency in networking concepts such as setting up VLANs, basic routing/switching
• Background in secure coding best practices and code auditing a plus.
• Familiar with vulnerability management solutions to highlight errors in system/network/application and database configuration. • Proficiency in either Mac OS X or other flavors of UNIX, firewalls/VPNs, IDS, NIDS/HIDS, protocol analyzers, and vulnerability scanners.
• Familiarity with network and application penetration testing, buffer overflows, SQL injections, and other hacking techniques.
• Experience performing web application penetration testing a plus - must include manual testing.
• Familiarity with data center operations a plus
• Familiarity with ISO standards such as 17799, 27001, NIST standards and/or PCI a plus.
Education
Position prefers a BS in Computer Science or 6+ years of equivalent, hands-on information security experience in large enterprise environments and experience managing and mentoring a technical team.
Send To A Friend
Posts
