Service Delivery Manager - Apple Information Security
Apple
IT
Austin, TX, USA
Posted on Apr 4, 2026
Apple Information Security is seeking an experienced security engineering manager to lead the Vulnerability Response team across the United States and EMEIA regions. Apple's external perimeter spans thousands of services relied upon by billions of users worldwide, and this team is responsible for continuously identifying, analyzing, and remediating vulnerabilities across that surface. You will combine hands-on technical leadership with people management, overseeing programs that include subcomponents of Apple's bug bounty program, proactive vulnerability discovery, WAF rule development, emerging threat response, and custom security tooling. You will play a critical role in protecting Apple's services and customers by ensuring timely and thorough response to security risks, fostering engineering excellence, and driving strategic initiatives that strengthen Apple's overall security posture. This role is both strategic and operational, requiring deep technical expertise, strong leadership, and the ability to manage a geographically distributed team operating in a continuous response environment.
As a manager on the Vulnerability Response team, you will lead the day-to-day operations of security engineers across the US and EMEIA regions, as well as oversee resources providing around-the-clock support. You will set team priorities, drive execution across multiple concurrent programs, and ensure operational continuity for a function that requires uninterrupted coverage. This includes direct participation in on-call escalation rotations, hands-on technical contributions such as penetration testing, variant analysis, security tool development, and strategic planning to evolve the team's capabilities over time. You will partner closely with teams across Apple to ensure coordinated and effective vulnerability response. You will represent the team in cross-functional forums, advocate for security improvements with engineering leadership, and contribute to the development of policies, processes, and tooling that scale the team's impact. You will also maintain the professional standards and reputation through oversight of researcher engagement, vulnerability adjudication, and program communications.
- Team Leadership: Lead, mentor, and grow a geographically distributed team of security engineers across the US and EMEIA regions. Set goals, support professional development, and oversee resources providing around-the-clock Tier 1 support.
- Vulnerability Response Operations: Own the team's continuous vulnerability response function, including on-call escalation, emerging threat and zero-day assessment, and coordination of rapid remediation efforts across Apple's external perimeter.
- Vulnerability Discovery and Remediation: Drive proactive security assessment programs, including penetration testing, variant analysis, and large-scale scanning initiatives, to identify and remediate vulnerabilities before they are discovered or exploited by external parties.
- Security Program Management: Manage the lifecycle of external researcher engagement, report validation, risk assessment, and remediation coordination.
- Security Tooling and Automation: Guide the development and maintenance of custom security tools and automation that support vulnerability detection, analysis, and remediation tracking at scale, including the application of emerging technologies to increase operational efficiency.
- Cross-Functional Collaboration: Serve as a trusted security advisor to engineering, product, and leadership teams, partnering across security and infrastructure organizations to align vulnerability response priorities with broader security objectives and drive adoption of security improvements.
- 8+ years of experience in information security, with demonstrated expertise in vulnerability management, web application penetration testing, and incident response for large-scale internet-facing services, including 3+ years of people management experience leading and developing teams of security engineers.
- Strong technical proficiency in web application security, including hands-on experience identifying and remediating common vulnerability classes, and software development skills in one or more of Python, Go, or Bash.
- Experience managing or contributing to a vulnerability disclosure or bug bounty program, including researcher engagement, vulnerability validation, and coordinated disclosure processes.
- Experience with vulnerability scanning tools and methodologies at enterprise scale, including both commercial and open-source solutions.
- Demonstrated ability to manage geographically distributed teams across multiple time zones, with willingness to participate in on-call rotations, including weekends, as part of a tiered escalation model.
- Excellent written and verbal communication skills, with the ability to articulate complex security issues and risk to both technical and non-technical audiences.
- Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent professional experience.
- Experience with cloud-native architectures, WAF technologies, and DNS security disciplines, with the ability to assess security implications across modern deployment and infrastructure environments.
- Background in applying AI and machine learning techniques to security operations, including automated analysis, classification, or remediation workflows.
- Relevant industry certifications such as CISSP, OSCP, OSCE, GPEN, or equivalent are helpful but not required.
Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.