AliCloud Security Engineer, Vulnerability Management
Santa Clara Valley (Cupertino),California,United States
+ Experience assessing and mitigating risks related to public cloud deployment (e.g. AliCloud, AWS, Tencent Cloud, Azure)
+ Experience in infrastructure templating tools like AliCloud Resource Orchestration Service, AWS CloudFormation, and equivalents
+ Understanding of networking concepts on Cloud such as VPCs, DNS PrivateZone, SLB, CDN, security group on AliCloud and equivalents
+ Experience with storage services such as OSS, EBS (ESSD), file storage NAS, and Tablestore on Alicloud and its equivalents
+ Experience with containerization on Cloud, ACK (Dedicated/Managed/Serverless Kubernetes), ACR (Container Registry), ASM (Service Mesh) on AliCloud
+ Understanding of container security such as container escape, malicious image, master/node security baseline
+ Experience implementing cloud native security controls using IAM, Config, Security Center, ActionTrail, CloudMonitor, KMS, WAF, Certificate Service on AliCloud and its equivalents
+ Experience with Anqishi/Security Center agent installation and agent based HIDS, including vulnerability scanning, baseline monitoring, backdoor alerting, reverse shell detecting
+ Experience with security orchestration, automation and response tools Very good understanding of vulnerability scanning tools
+ Familiarity with common security vulnerabilities and the ability to judge their severity and impact to the business
+ Experience with programming languages such as Python, Golang, and Scala
+ Experience with advanced query language such as SparkSQL
+ Experience in configuring CI/CD processes using Jenkins or Spinnaker
+ Experience in web-based applications or web services
+ Driven to automate and continuously improve
+ Passionate about keeping our customers data safe
+ Ability to track and manage numerous parallel activities
+ Strong communication skills
+ Highly collaborative
+ High standard of ethics
+ Excellent knowledge of large-scale security solutions integration
+ Good knowledge of integrating, analyzing, and presenting relevant metrics for very large data sets
+ Knowledge of the Cloud research community is a strong plus
You will join a team who is passionate about staying up to date on emerging security vulnerabilities and threats, keeps a cool head in crisis, and advocates every single day for improving the security of Apple products and services. Successful candidates will need to have a good technical background, super communication skills, and a strong interest in network, system, and web security. The role also requires a strong ability to work with incomplete information and to adapt to changing priorities. Specific responsibilities include: * Designing, developing, and implementing cloud security detections and tools that improve the defense of Apple cloud infrastructure and applications * Analyze systems, threat model new features, identify security vulnerabilities in implementation, and recommend cloud security controls to ensure end-to-end protection * Manage and triage findings from cloud security tools * Documenting and disseminating security guidelines for common cloud security issues, remediation guidance, and security baselines * Strategize vulnerability management for the application and business team in the cloud
**Education & Experience**
BS in Computer Science, Information Technology, or related field and 5 years experience in information technology or related field within the last 10 years OR 7 years experience in information technology
Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant (Opens in a new window) .
Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants. United States Department of Labor. Learn more (Opens in a new window) .
Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you’re applying for a position in San Francisco, review the San Francisco Fair Chance Ordinance guidelines (opens in a new window) applicable in your area.
Apple participates in the E-Verify program in certain locations as required by law. Learn more about the E-Verify program (Opens in a new window) .
Apple is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Apple is a drug-free workplace. Reasonable Accommodation and Drug Free Workplace policy Learn more (Opens in a new window) .