Cybersecurity Regulations Engineer , SEAR

Our team is responsible for defining and running the cybersecurity regulations compliance approach for all the Apple products such as Mac, iPhone, iPad, Apple Watch, Vision Pro and Apple TV. We also lead these cybersecurity regulations around the world utilizing a great variety of standards, certification schemes, and cybersecurity regulatory frameworks. The cybersecurity landscape has undergone a fundamental shift: cybersecurity regulation and security certification are converging. Major regulations such as the EU Cyber Resilience Act (CRA), the EU Cybersecurity Act (CSA) with its certification scheme (EUCC, EUDIW, EUCS, EU5G and EUMSS), AI Act, CNSA 2.0 and emerging cybersecurity laws across Asia-Pacific are reshaping how Apple demonstrates security assurance. Our team is uniquely positioned at this intersection, leveraging deep technical expertise to build compliance paths for regulatory requirements. At the intersection of security technologies, industry influence, evolving governmental standards and cybersecurity regulations, the team is looking for a motivated engineer to help with defining and leading security certifications and cybersecurity regulatory efforts. This position is for an engineer passionate about security through demonstrating the robustness of Apple’s products and proving they deliver world-class security If this is you, we'd love to hear from you. Minimum Qualifications Significant understanding of security engineering principles Experience with cybersecurity regulatory frameworks (e.g., EU Cyber Resilience Act, EU Cybersecurity Act, EUCC, EUDIW, EU AI Act and/or equivalent regional cybersecurity regulations) Passion for high quality deliverables, thriving for efficiency Ability to work cross-functionally with other software, hardware, marketing, legal, government affairs, and support teams to demonstrate security robustness of Apple's products Preferred Qualifications Working knowledge of Common Criteria and FIPS 140-2/3 certifications, or strong willingness to learn Experience writing product security profiles for evaluation scoping (Security Target, Protection Profile, or other product security definition) Experience in security certifications and/or cybersecurity regulations and associated external stakeholders (certification bodies, regulators and evaluation laboratories) Experience analyzing cybersecurity regulations and translating regulatory requirements into compliance strategies leveraging existing technical evidence Ability to monitor and assess the impact of emerging cybersecurity regulations across multiple jurisdictions (EU, US, Asia-Pacific) An effective communicator and engaging presenter who can influence multiple audiences from engineering teams to senior leadership Excellent teamwork skills and ability to represent Apple and your organization in conversations with authorities Strong written and verbal communication skills in English; proficiency in other languages (e.g., German, French, Spanish) nice to have.