---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Cupertino, California, United States
Type: Permanent F/T
Closing Date: 2008-11-07
Apple is seeking an exceptional Information Security expert to join a world-class information security team. This is a highly technical, hands-on role in a dynamic and fast paced environment. The candidate will need to have a good mixture of deep technical know-how as well as a background in higher level information security concepts e.g. ISO 17799, risk assessment methodologies etc.
Responsibilities of this position include:
• Responding to IT threats and vulnerabilities and bring these issues to resolution.
• Routinely conducting security risk assessments evaluating business requirements against impact, vulnerabilities and identifying the resulting risks.
• Supporting the global IT Security infrastructure.
• Participating in project meetings and performing security design reviews - from high level application architecture to configuration of OS level parameters to meet security goals.
• Serves as an active member of the Information Security Incident Response Team (SIRT) and participates in incident response efforts.
• Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as to other groups within Apple.
• Security consulting to application development teams.
• A strong ability to multi-task and manage varying priorities.
• Excellent verbal and written communication skills and high attention to detail.
• The ability to analyze complex problems, quickly develop creative solutions, and adapt to a fast paced environment.
• Ability to effectively work across multiple groups within Apple
• Proficiency in networking concepts such as setting up VLANs, basic routing/switching
• Strong knowledge of scripting languages (PERL, PHP, Shell).
• Background in secure coding best practices and code auditing a plus.
• Familiar with vulnerability management solutions to highlight errors in system/network/application and database configuration.
• Proficiency in either Mac OS X or other flavors of UNIX, firewalls/VPNs, IDS, NIDS/HIDS, protocol analyzers, and vulnerability scanners.
• Experience performing packet analysis or system forensics e.g. be able to decipher tcpdump output to identify required ports, necessary protocols, who initiates the connections and when ephemeral ports are used.
• Familiarity with network and application penetration testing, buffer overflows, SQL injections, and other advanced hacking techniques.
• Experience performing web application penetration testing a plus - must include manual testing.
• Familiarity with data center operations a plus
• Familiarity with ISO standards such as 17799, 27001, NIST standards and/or PCI a plus.
Position requires a BS in Computer Science or 4+ years of equivalent, hands-on information security experience in large enterprise environments.
CONTACT
---------------------------------------------------
Candidates currently limited to US residents.
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Security Engineer
Location: Cupertino, California, United States
Type: Permanent F/T
Closing Date: 2008-11-07
Apple is seeking an exceptional Information Security expert to join a world-class information security team. This is a highly technical, hands-on role in a dynamic and fast paced environment. The candidate will need to have a good mixture of deep technical know-how as well as a background in higher level information security concepts e.g. ISO 17799, risk assessment methodologies etc.
Responsibilities of this position include:
• Responding to IT threats and vulnerabilities and bring these issues to resolution.
• Routinely conducting security risk assessments evaluating business requirements against impact, vulnerabilities and identifying the resulting risks.
• Supporting the global IT Security infrastructure.
• Participating in project meetings and performing security design reviews - from high level application architecture to configuration of OS level parameters to meet security goals.
• Serves as an active member of the Information Security Incident Response Team (SIRT) and participates in incident response efforts.
• Researching the latest security best practices, staying abreast of new threats and vulnerabilities and helping to disseminate this information within the group as well as to other groups within Apple.
• Security consulting to application development teams.
• Security technology assessments.
JOB REQUIREMENTS
---------------------------------------------------
Requirements include:
• A strong ability to multi-task and manage varying priorities.
• Excellent verbal and written communication skills and high attention to detail.
• The ability to analyze complex problems, quickly develop creative solutions, and adapt to a fast paced environment.
• Ability to effectively work across multiple groups within Apple
• Proficiency in networking concepts such as setting up VLANs, basic routing/switching
• Strong knowledge of scripting languages (PERL, PHP, Shell).
• Background in secure coding best practices and code auditing a plus.
• Familiar with vulnerability management solutions to highlight errors in system/network/application and database configuration.
• Proficiency in either Mac OS X or other flavors of UNIX, firewalls/VPNs, IDS, NIDS/HIDS, protocol analyzers, and vulnerability scanners.
• Experience performing packet analysis or system forensics e.g. be able to decipher tcpdump output to identify required ports, necessary protocols, who initiates the connections and when ephemeral ports are used.
• Familiarity with network and application penetration testing, buffer overflows, SQL injections, and other advanced hacking techniques.
• Experience performing web application penetration testing a plus - must include manual testing.
• Familiarity with data center operations a plus
• Familiarity with ISO standards such as 17799, 27001, NIST standards and/or PCI a plus.
Position requires a BS in Computer Science or 4+ years of equivalent, hands-on information security experience in large enterprise environments.
CONTACT
---------------------------------------------------
Candidates currently limited to US residents.
Please send a resume via e-mail (PDF preferred).
http://jobs.apple.com/index.ajs?BID=1&method=mExternal.showJob&RID=28542
Apple Inc
Dylan Ryder-Loomis
dylanrl (at) apple (dot) com [email concealed]
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
[ reply ]