Apple's Security Engineering & Architecture organization is responsible for the security of all Apple products. The team is passionate about demonstrating the reliability and strength of the key security features of Apple devices and services through a great variety of cybersecurity regulations and certifications programs. We drive the public assurance of Apple security solutions, proving that Apple meets and exceeds industry and regional security standards and cybersecurity regulations.
Your influence will be felt throughout Apple's extraordinary products, all over the world. As cybersecurity regulation expands — from the EU Cyber Resilience Act (CRA) and Cybersecurity Act (CSA) to the EU AI Act and emerging frameworks across the globe — our team is at the forefront of Apple's security assurance. We proactively shape Apple's regulatory approach, turning complex security requirements into clear compliance paths, and play a central role in enabling Apple products to reach people everywhere. Are you ready to make a difference? Join our highly motivated, collaborative global team and help shape the future of cybersecurity regulation and certifications at Apple.
Description
Our team is responsible for defining and running the cybersecurity regulations compliance approach for all the Apple products such as Mac, iPhone, iPad, Apple Watch, Vision Pro and Apple TV. We also lead these cybersecurity regulations around the world utilizing a great variety of standards, certification schemes, and cybersecurity regulatory frameworks.
The cybersecurity landscape has undergone a fundamental shift: cybersecurity regulation and security certification are converging. Major regulations such as the EU Cyber Resilience Act (CRA), the EU Cybersecurity Act (CSA) with its certification scheme (EUCC, EUDIW, EUCS, EU5G and EUMSS), AI Act, CNSA 2.0 and emerging cybersecurity laws across Asia-Pacific are reshaping how Apple demonstrates security assurance. Our team is uniquely positioned at this intersection, leveraging deep technical expertise to build compliance paths for regulatory requirements.
At the intersection of security technologies, industry influence, evolving governmental standards and cybersecurity regulations, the team is looking for a motivated engineer to help with defining and leading security certifications and cybersecurity regulatory efforts.
This position is for an engineer passionate about security through demonstrating the robustness of Apple’s products and proving they deliver world-class security
If this is you, we'd love to hear from you.
Responsibilities
Analyzing cybersecurity regulations to assess their impact on Apple products and identifying compliance strategies that build or leverage technical evidence and processes Proactively driving Apple's cybersecurity regulation strategy in collaboration with Legal and Government Affairs teams Working cooperatively with other parts of Apple on cross-functional technologies and their security strategies Collaborating with industry representatives, evaluation labs, governmental bodies, and regulatory authorities Driving certifications and regulations of complex products from beginning to end Monitoring the global regulatory landscape and contributing to the development of security standards and regulations that align with Apple's security posture
Minimum Qualifications
Significant understanding of security engineering principles Experience with cybersecurity regulatory frameworks (e.g., EU Cyber Resilience Act, EU Cybersecurity Act, EUCC, EUDIW, EU AI Act and/or equivalent regional cybersecurity regulations) Passion for high quality deliverables, thriving for efficiency Ability to work cross-functionally with other software, hardware, marketing, legal, government affairs, and support teams to demonstrate security robustness of Apple's products
Preferred Qualifications
Working knowledge of Common Criteria and FIPS 140-2/3 certifications, or strong willingness to learn Experience writing product security profiles for evaluation scoping (Security Target, Protection Profile, or other product security definition) Experience in security certifications and/or cybersecurity regulations and associated external stakeholders (certification bodies, regulators and evaluation laboratories) Experience analyzing cybersecurity regulations and translating regulatory requirements into compliance strategies leveraging existing technical evidence Ability to monitor and assess the impact of emerging cybersecurity regulations across multiple jurisdictions (EU, US, Asia-Pacific) An effective communicator and engaging presenter who can influence multiple audiences from engineering teams to senior leadership Excellent teamwork skills and ability to represent Apple and your organization in conversations with authorities Strong written and verbal communication skills in English; proficiency in other languages (e.g., German, French, Spanish) nice to have.
At Apple, we're not all the same. And that's our greatest strength. We draw on the differences in who we are, what we've experienced, and how we think. Because to create products that serve everyone, we believe in including everyone. Therefore, we are committed to treating all applicants fairly and equally. We will work with applicants to make any reasonable accommodations.
At Apple, we believe accessibility is a fundamental human right. You’ll find that idea reflected in everything here — in our culture, our benefits and our digital tools. By welcoming as many perspectives as possible, we help you build a career where you feel like you belong.
Learn about accessibility in Apple’s workplace