SaaS Security Engineer Seattle,Washington,United States Corporate Functions Apple is seeking a Software-as-a-Service (SaaS) Security Engineer within the Apple Information Security (AIS) organization. We are looking for an experienced security professional who is passionate and knowledgable about SaaS, Cloud, and Web Application Security. This position will be responsible for ensuring the security maturity of Apple’s most critical SaaS assets and developing new methods to scale the program while reducing Apple’s attack surface. **Description** * This position requires a broad mix of technical expertise coupled with polished communication and emotional intelligence to influence our SaaS Supplier’s and Business Partners. * The successful candidate will have a passion for technical excellence and team collaboration with a heavy focus on offensive security . This role will work closely with business parters, peer security teams, and Suppliers to ensure the secure design, deployment, and configuration of new and existing SaaS. * Perform security architecture reviews and threat models of the full stack of SaaS, including applications built on cloud and emerging technologies with an understanding and impact of the shared responsibility model. * Conduct targeted penetration and application testing of SaaS to provide true validation of the security posture of Apple use-cases. This role requires creative thinking and a tailored approach across a diverse population of Cloud-based products and services. * Work cross-functionally with business teams and defense to execute Purple Team engagements to enhance threat and anomaly detections. * Proactively identify vulnerabilities and misconfigurations across Apple’s SaaS population. * Provide clear and detailed risk reduction and remediation guidance to 3rd Party SaaS Suppliers and Apple business teams. * Research new and emerging threats to ensure Apple’s assessment methodology is keeping pace with security trends. * Deliver program enhancements to approach, methodology, and focus areas. * Thrives in a fast pace environment with the ability to effectively shift priorities due to evolving business needs and emerging security trends. **Minimum Qualifications** + 5+ years of work experience with manually testing SaaS and Web Applications. + Experience with evaluating and testing the security of Public Cloud environments (ie; AWS, GCP, Azure). + In-depth knowledge identifying and protecting against web application and API security vulnerabilities. + Experience executing Threat Modeling and Design Reviews. + Strong understanding of Application Security, Cloud Security, Network Security, Identity and Access Management, and Cryptography. + Experience with Python, Go, and/or bash scripting. + In-depth knowledge of the security assessment processes and lifecycle with the ability to identify potential improvement areas and gaps in existing processes. + Excellent written and oral communication skills, including experience + Understanding of key infrastructure including micro-services architectures, Git, code repositories, Infrastructure-as-a-code, Kubernetes, CI/CD frameworks **Key Qualifications** **Preferred Qualifications** + Experience with testing or understanding the threats of AI enabled services. + Experience with the security implications and testing Electron-based applications. + Experience with SQL, Databricks, and Spark programming. + Contributions to the security community such a research, published CVEs, bug-bounty recognitions, open-source projects, blogs or publications. + Experience using Dynamic Application Security Testing (DAST) capabilities. + Industry Certifications such as GWAPT, GPEN, GCPN, OSWE. + Experience in Supply Chain Risk Management + Bachelors Degree or equivalent work experience **Education & Experience** **Additional Requirements** **Pay & Benefits** + At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $166,600 and $296,300, and your base pay will depend on your skills, qualifications, experience, and location.Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation.Learn more (https://www.apple.com/careers/us/benefits.html) about Apple Benefits.Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program. + Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics.Learn more about your EEO rights as an applicant. (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12ScreenRdr.pdf) **Apple Footer** Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant (Opens in a new window) . Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants. United States Department of Labor. Learn more (Opens in a new window) . Apple participates in the E-Verify program in certain locations as required by law. Learn more about the E-Verify program (Opens in a new window) . Apple is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Reasonable Accommodation and Drug Free Workplace policy Learn more (Opens in a new window) . Apple is a drug-free workplace. Reasonable Accommodation and Drug Free Workplace policy Learn more (Opens in a new window) . Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you’re applying for a position in San Francisco, review the San Francisco Fair Chance Ordinance guidelines (opens in a new window) applicable in your area. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.