SUMMARY

Posted: Mar 5, 2025
Weekly Hours: 40
Role Number:200593852
Apple Services Engineering (ASE) team is one of the most exciting examples of Apple’s long-held passion for combining art and technology! We enable Apple’s apps and services, and we do it on an extensive scale, to hundreds of millions of customers in over 35 languages to more than 150 countries. The ASE Security team is seeking an experienced Security Engineering Program Manager to drive internal security engineering functions such as offensive / adversarial security exercises, collaborative design reviews and detection. Within ASE you will work with and influence colleagues across Apple to implement new features and ensure security continues to be at the forefront of our software and development processes. As our work is integral through the entire software stack, you will have the opportunity to work with a wide variety of engineering teams across Apple. We cultivate strong relationships, build trust, and influence without direct authority. We communicate openly and clearly, collaborate enthusiastically, and value a diverse culture of healthy debate. Do these points resonate with you? If so, we want to talk!

DESCRIPTION

As a Security Engineering Program Manager in ASE, you are both a technical and functional expert in the world of securing enterprise servers and services at scale. While working directly with ASE security and engineering teams, you’ll identify opportunities to improve our security posture. This will include building tools, driving process improvements, and working with service owners to develop innovative solutions to complex technical challenges. You will be responsible to identify, plan and deliver program security outcomes by independently engaging a broad set of internal and external stakeholders.

MINIMUM QUALIFICATIONS

• 5+ years of project and/or program management experience
• Collaborative engagement and technical empathy for engineers
• Familiar with testing, reliability, security, privacy, and other compliance review workflows
• Expertise with running the entire lifecycle of a program, from planning to execution and driving continuous improvements
• Understanding of security architecture, secure design, threat modeling, and software security principles Understanding of system-level concepts including multi-threaded design, synchronization, and interprocess Shown ability to meet deadlines and schedule constraints
• Proven record in defining processes, key metrics and executing on them
• Experience supporting multiple projects simultaneously
• Outstanding presentation skills both in person and in multi-location meetings

PREFERRED QUALIFICATIONS

• Experience in some or all of the following areas: Software Security Assurance, Application Security, Threat Modeling, Secure Coding Practices, Vulnerability Assessment, Security Code Reviews, Secure Development Lifecycle (SDLC), Security Requirements Analysis, Secure Architecture Design, Static Code Analysis, Dynamic Application Security Testing (DAST), Secure Deployment Practices, Security Training and Awareness, Secure Development Tools and Techniques, Secure Development Frameworks (e.g., OWASP SAMM), Secure Software Development Methodologies (e.g., Agile, DevSecOps), Security Testing Automation, Continuous Integration/Continuous Deployment (CI/CD) Security

Please refer the Job description for details