Firm Name: Apple
Numbers of Jobs: Instructional Security Engineer
Education Need: Graduate
Job Hours: 8
Payment: $20-$30/Hours
What's Job City: San Francisco
Job Details:
- The primary responsibility of this position is to focus security expertise on developing, producing, and distributing information security training materials and supporting materials into an engineering-focused engagement program that includes a Security Champions program. Our team is integrated into security assurance and develops strategic, widely visible programs throughout the organization to drive and significantly improve security outcomes through increased information sharing and dissemination.
- Many product security engineers or pen testers start out in this line of work with little to no formal teaching experience, but as they scale security, they develop the skills to empower engineers. In order to set up our engineering partners for long-term success, we are looking for security professionals who are passionate about fostering that culture. They might have discovered their love for instructing others by organizing a CTF during mentorship or security awareness month, or they might enjoy giving speeches and facilitating workshops at conventions.
- In-depth technical expertise in information security as well as skillful, sympathetic communication skills are required of the ideal candidate.
Significant Qualities.
- A minimum of five years of relevant experience in security engineering, preferably in adversarial simulation (penetration testing), application security, or product security.
- Although developer-level proficiency in at least one additional language is necessary, Python, Java, JavaScript, and Golang are preferred.
- Familiarity with and experience using the Secure Development Lifecycle, as well as the various security assurance practices incorporated into it.
- A working knowledge of threat modeling, including the capacity to identify potential attack surfaces and foresee intrusion techniques.
- Thorough knowledge of typical web application weaknesses (e.g. OWASP Top 10) and the ability to keep up with newly discovered and evolving attack types (e.g. theft of HTTP requests).
- Security knowledge that covers the entire software supply chain, including CI/CD pipelines and multi-tenancy compute infrastructure.
- Quickness in implementing new technology stacks.
- The capacity to design frameworks and oversee their implementation for managing security threats and vulnerabilities.
- Experience analyzing software and services to identify flaws in complex systems.
- Experience advising engineering teams on vulnerability mitigation methods.
- Experience preventing vulnerabilities by offering teams advice on how to build securely, providing direction through implementation details, and being flexible where technical limitations exist.
- Superior speaking and writing skills.
- The capacity to speak in front of an audience and present well.
- Technical writing skills.
- The ability to communicate complex concepts clearly to a large group of listeners with varying levels of knowledge.
- Communication prowess when speaking to a technical audience of engineers.
- Empathy for our engineering colleagues and the ability to collaborate to develop solutions that meet everyone's needs.
- Protection of users' fundamental right to data privacy.
Description.
- Create and deliver instruction on engineering best practices.
- Create and deliver engineering training on common vulnerability types and how to avoid them.
- Create and deliver security training programs that are specific to the technical infrastructure and tooling of our organization.
- Create and deliver security training programs in accordance with assessments of challenge areas.
- Assist in the development and management of the ambitious Security Champions program, which offers learning opportunities for engineers interested in security and helps them advance their careers.
- Assist security champions in establishing themselves as effective domain authorities for their group.
- Work with security champions to identify ways to improve the security posture of their software or service.
- Contribute to the team's long-term success by serving as a link in the chain for embedded Security Champions.
- Assist with secure design considerations and act as a subject matter expert for security-related inquiries.
- To help identify and minimize service risks, run threat modeling exercises with engineering teams.
- Create and deliver tabletop exercises based on plausible threat scenarios to help engineers better understand and prepare for risk.
- Share helpful resources and security best practices.
- Current familiarity with evolving organizational and personal security concepts and threats.
- Collaborate with development teams to adopt secure coding practices, offering opinionated mentoring, identifying obstacles, and figuring out resource needs.
- Assist the security team in coming up with ideas for boosting enthusiastic and voluntarily participating developers.
- Spread security awareness among all departments in the company.
- Internationally scale up the security program.
Both training and practical experience.
- It is necessary to possess a bachelor's degree in computer science or engineering with a concentration in security-related fields (or have equivalent experience).
Benefits and Compensation.
- One element of our total compensation at Apple is base pay, which is fixed within a range. This offers you the chance to do so as you advance in a role and grow. Your base salary will depend on your education, background, level of experience, and where you live; the range for this position is between $161,000 and $242,000.
- Employees have the opportunity to become shareholders in the company by taking part in one of Apple's adaptable employee stock programs. Employees of Apple are eligible for discretionary restricted stock unit awards and can participate voluntarily in the company's Employee Stock Purchase Plan to receive discounts on Apple stock. Along with these, if you pursue formal education aimed at developing your career at Apple, you'll receive reimbursement for some of your tuition costs, discounts on a range of goods and services, free services, retirement benefits, and more. Moving might also be a possibility for this position, along with potential commissions or bonuses.
- Please be aware that the eligibility requirements and other conditions of the applicable plan or program, as well as Apple's benefit, compensation, and employee stock programs, all apply.