#200575242_JP
In this role, you will work with a global team of security professionals to assess, analyze, and strengthen the security posture of Apple's critical manufacturing and corporate suppliers. You will be responsible for conducting in-depth vulnerability assessments, performing technical audits, and utilizing advanced tools and methodologies for threat detection and network traffic analysis. Your expertise in security frameworks (e.g., NIST, ISO 27001) and automated scripting (e.g., PowerShell, Python) will be critical in identifying vulnerabilities and implementing technical remediation strategies to secure the supply chain. Your contributions will help safeguard Apple's customers, brand, and data by ensuring suppliers adhere to strict security controls, mitigating risks across the entire supply chain. This role offers a unique opportunity to work on cutting-edge technologies, participate in network security reviews, and develop automated solutions with a worldwide impact, enhancing the security of Apple's global operations.
Minimum Qualifications
Ability to evaluate, conduct security assessments of, and monitor the security posture of third-party Suppliers.
Proven experience in handling and conducting large-scale security remediations, with a track record of effective threat mitigation.
Ability to provide guidance to Suppliers on mitigating risks posed by open Information Security gaps in assessment reports.
Skills to deliver recommendations and timely updates to management on the risk level of Suppliers.
Experience working with large-scale, globalized, multi-lingual business environments.
Experience with Wireshark, tcpdump, NetFlow, or other tools for analyzing and troubleshooting network traffic.
Hands-on experience with security tools like Nmap, Nessus, Burp Suite, or Metasploit.
Familiarity with SIEM, IDS/IPS, firewalls, and endpoint protection solutions.
Knowledge of security frameworks such as NIST, ISO 27001, SOC 2, or similar.
Ability to develop security metrics that track the efficiency of controls and remediation efforts, and to generate reports that give management insight into the organization's security posture.
Ability and skills to ensure all security assessments and remediation activities are aligned with relevant regulatory requirements and industry standards.
Preferred Qualifications
Outstanding communication skills and attention to detail on sophisticated issues within various cultural settings.
Strong personal leadership traits such as self-accountability, priority management, and pride in work.
Relevant industry certifications such as CISSP, CISM, CRISC, CEH or OSCP.
Knowledge of PowerShell, Python, or similar scripting languages for automation and network tasks.
Knowledge to interpret and analyze network data from traffic analysis tools and system audits.
Familiarity with supply chain security and vendor risk management.
Familiarity with cloud security tools and environments (e.g., AWS, Azure).
Knowledge of data privacy regulations such as GDPR, CCPA.
Knowledge of DevSecOps and security automation practices.
Outstanding professional working proficiency in different languages.
Additional Requirements