Senior Cybersecurity Expert - Supply Chain Resilience

Imagine what you could do here. At Apple, new ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. As an exceptional Senior Cybersecurity Expert in Global Sourcing & Supply Management, you will lead a transformational initiative safeguarding our global supply chain ecosystem of diverse suppliers against rapidly evolving, AI-empowered cyber threats. With a lean time and expanding scope, this role is pivotal in scaling AI-driven approaches to build attack-proof resilient operations at scale

• transforming traditional point-in-time assessments into continuous, AI-augmented assurance while defending against adversaries weaponizing the same technologies.

This is a high-impact leadership role requiring a unique blend of cybersecurity expertise, AI fluency, supply chain acumen, and proven ability to drive large-scale, cross-jurisdictional programs that deliver measurable results with constrained resources. Description You will tackle one of the most complex cybersecurity challenges in modern supply chain management, in an era where the pace of AI-driven offense is outstripping traditional defense models:

Scale & Diversity:

Drive consistent cyber resilience across over 1,000 global suppliers with vastly different maturity levels, IT dependencies, manufacturing processes, AI adoption maturity, and infrastructure capabilities spanning multiple geographies

AI-Era Threat Landscape:

Defend against an adversary ecosystem that is rapidly adopting agentic AI, automated reconnaissance, AI-generated social engineering, deepfake-enabled fraud, and autonomous attack orchestration

• while suppliers themselves introduce new attack surfaces through their own accelerating, often ungoverned, AI and agentic AI adoption.

Execution:

Transform the traditional point-in-time audit and remediation model into a continuous, AI-augmented assurance approach that drives sustained and consistent implementation of security controls across supplier environments and user populations at machine speed

Concurrent Transformation:

Implement effective cybersecurity practices across the entire supplier base simultaneously, leveraging automation and agentic AI to minimize reliance on sequential or selective remediation

Tangible Outcomes:

Achieve measurable reduction in ransomware and and AI-enabled attacks and business disruption, prioritizing operational resilience over theoretical compliance","responsibilities":"Design and execute a comprehensive supplier cyber resilience strategy that builds attack-free operations across the entire supplier ecosystem Develop scalable, pragmatic frameworks that accommodate varying supplier maturity levels

• including their AI adoption posture
• while driving consistent outcomes Architect innovative & defensible approaches to counter AI-empowered cyber threats in diverse manufacturing environments
• agentic adversaries, autonomous attack chains, and AI-powered social engineering, while establishing governance for secure AI adoption within supplier environments Translate complex cybersecurity and AI risk challenges into clear problem statements and actionable strategies for executive leadership Deploy cross-jurisdictional cybersecurity programs that deliver proven effectiveness and measurable results across global operations at machine speed Move beyond traditional audit models to establish AI-augmented continuous monitoring, remediation tracking, and sustained compliance mechanisms Use agentic AI to scale assurance, accelerate remediation, and outpace adversary automation Build supplier engagement models that drive C-suite commitment, AI risk awareness, and resource allocation with supplier organizations Establish metrics and reporting frameworks that demonstrate tangible risk reduction, operational resilience, , and defensive parity against AI-enabled threats Partner with Procurement, Operations, Legal, IT, business and engineering teams to integrate cyber resilience into supplier management processes Collaborate closely with internal AI governance, responsible AI, and AI security functions to align supplier requirements with enterprise AI strategy Leverage internal subject-matter experts across various security functions and orchestrate cross-functional teams toward unified procurement cyber resilience objectives Influence and align stakeholders across the organizations to support supplier cybersecurity and AI risk requirements Assess diverse manufacturing value chains and tailor cybersecurity approaches to different supplier business models and operational realities, operational realities, and AI adoption profiles Develop compelling business cases that motivate supplier leadership to prioritize and invest in cybersecurity improvements and responsible AI Create graduated and scalable implementation pathways that enable suppliers of varying sophistication to achieve tangible progress in cyber defense, resilience, and AI risk management Establish baseline cyber resilience metrics across the supplier ecosystem Deploy AI-augmented continuous monitoring and remediation tracking across all critical suppliers Demonstrate measurable reduction in successful ransomware and AI-enabled attacks Achieve quantifiable improvement in mean-time-to-remediation for identified vulnerabilities, with defensive cycle times that keep pace with adversary automation Secure documented C-suite commitment from top-tier suppliers to cybersecurity programs Build a scalable operating model that can sustain and accelerate improvements as both the supplier base and the threat landscape evolve Preferred Qualifications Hands-on background in ICS (Industrial Control Systems) or OT (Operational Technology) security.

Hands-on experience with enterprise TPRM platforms and technologies. Direct experience designing or operating agentic AI systems for security operations, threat detection, or third-party risk management Understanding of regulatory frameworks across key manufacturing jurisdictions in APAC, US, and EU Fluency in additional languages relevant to key supplier geographies (e.g., Mandarin). CCISO (Certified Chief Information Security Officer)

• Desirable ISC2 AI security certifications
• Desirable Supply chain and infrastructure expertise from a global supply chain management, infrastructure advisory, or similar organization, with hands-on experience bringing large-scale projects from concept to sustained operation Expertise in supplier cyber defense architecture and practical implementation challenges in manufacturing settings Executive presence with ability to distill complexity into clear narratives for C-suite audiences Influential communicator capable of articulating problems, actions, and results persuasively to senior leadership and external stakeholders Visionary thinker who can design scalable, innovative solutions to novel cybersecurity challenges Collaborative leader skilled at orchestrating cross-functional teams and subject-matter experts toward common goals Track record of moving from concept to measurable impact on compressed timelines Evidence of creative problem-solving in addressing cybersecurity challenges across diverse, hard-to-control environments Minimum Qualifications 20+ years of experience leading cybersecurity or risk management functions, with demonstrated success in team development, motivation, and delivering accelerated results with constrained resources Bachelor's degree; active CISSP certification required Proven history of reducing cyber attacks and minimizing business disruption at scale across large, distributed organizations.

Experience deploying cross-jurisdictional cybersecurity programs with documented effectiveness and measurable outcomes. Demonstrated experience defending against AI-empowered threats and/or leveraging AI to scale defensive operations Deep supply chain and infrastructure expertise, specifically understanding high-tech manufacturing environments and IT/network dependencies in industrial operations. Demonstrated ability to develop scalable initiatives that address emerging threats, including AI-empowered and agentic AI-enabled attacks Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications Working knowledge of AI and agentic AI systems

• how they are built, deployed, and exploited
• and their implications for both attacker capabilities and defensive strategy Familiarity with emerging AI security frameworks and their application to third-party risk Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications ","internalDetails":null Pay & Benefits At Apple, base pay is one part of our total compensation package and is determined within a range.

This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $203,300 and $305,600, and your base pay will depend on your skills, qualifications, experience, and location. Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses

• including tuition.

Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about

Apple Benefits Note:

Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program. Senior Cybersecurity Expert

• Supply Chain Resilience 4.1 4.1 out of 5 stars Cupertino, CA $203,300
• $305,600 a year Apple 14,103 reviews $203,300
• $305,600 a year Imagine what you could do here.

At Apple, new ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. As an exceptional Senior Cybersecurity Expert in Global Sourcing & Supply Management, you will lead a transformational initiative safeguarding our global supply chain ecosystem of diverse suppliers against rapidly evolving, AI-empowered cyber threats. With a lean time and expanding scope, this role is pivotal in scaling AI-driven approaches to build attack-proof resilient operations at scale

• transforming traditional point-in-time assessments into continuous, AI-augmented assurance while defending against adversaries weaponizing the same technologies.

This is a high-impact leadership role requiring a unique blend of cybersecurity expertise, AI fluency, supply chain acumen, and proven ability to drive large-scale, cross-jurisdictional programs that deliver measurable results with constrained resources. Description You will tackle one of the most complex cybersecurity challenges in modern supply chain management, in an era where the pace of AI-driven offense is outstripping traditional defense models:

Scale & Diversity:

Drive consistent cyber resilience across over 1,000 global suppliers with vastly different maturity levels, IT dependencies, manufacturing processes, AI adoption maturity, and infrastructure capabilities spanning multiple geographies

AI-Era Threat Landscape:

Defend against an adversary ecosystem that is rapidly adopting agentic AI, automated reconnaissance, AI-generated social engineering, deepfake-enabled fraud, and autonomous attack orchestration

• while suppliers themselves introduce new attack surfaces through their own accelerating, often ungoverned, AI and agentic AI adoption.

Execution:

Transform the traditional point-in-time audit and remediation model into a continuous, AI-augmented assurance approach that drives sustained and consistent implementation of security controls across supplier environments and user populations at machine speed

Concurrent Transformation:

Implement effective cybersecurity practices across the entire supplier base simultaneously, leveraging automation and agentic AI to minimize reliance on sequential or selective remediation

Tangible Outcomes:

Achieve measurable reduction in ransomware and and AI-enabled attacks and business disruption, prioritizing operational resilience over theoretical compliance","responsibilities":"Design and execute a comprehensive supplier cyber resilience strategy that builds attack-free operations across the entire supplier ecosystem Develop scalable, pragmatic frameworks that accommodate varying supplier maturity levels

• including their AI adoption posture
• while driving consistent outcomes Architect innovative & defensible approaches to counter AI-empowered cyber threats in diverse manufacturing environments
• agentic adversaries, autonomous attack chains, and AI-powered social engineering, while establishing governance for secure AI adoption within supplier environments Translate complex cybersecurity and AI risk challenges into clear problem statements and actionable strategies for executive leadership Deploy cross-jurisdictional cybersecurity programs that deliver proven effectiveness and measurable results across global operations at machine speed Move beyond traditional audit models to establish AI-augmented continuous monitoring, remediation tracking, and sustained compliance mechanisms Use agentic AI to scale assurance, accelerate remediation, and outpace adversary automation Build supplier engagement models that drive C-suite commitment, AI risk awareness, and resource allocation with supplier organizations Establish metrics and reporting frameworks that demonstrate tangible risk reduction, operational resilience, , and defensive parity against AI-enabled threats Partner with Procurement, Operations, Legal, IT, business and engineering teams to integrate cyber resilience into supplier management processes Collaborate closely with internal AI governance, responsible AI, and AI security functions to align supplier requirements with enterprise AI strategy Leverage internal subject-matter experts across various security functions and orchestrate cross-functional teams toward unified procurement cyber resilience objectives Influence and align stakeholders across the organizations to support supplier cybersecurity and AI risk requirements Assess diverse manufacturing value chains and tailor cybersecurity approaches to different supplier business models and operational realities, operational realities, and AI adoption profiles Develop compelling business cases that motivate supplier leadership to prioritize and invest in cybersecurity improvements and responsible AI Create graduated and scalable implementation pathways that enable suppliers of varying sophistication to achieve tangible progress in cyber defense, resilience, and AI risk management Establish baseline cyber resilience metrics across the supplier ecosystem Deploy AI-augmented continuous monitoring and remediation tracking across all critical suppliers Demonstrate measurable reduction in successful ransomware and AI-enabled attacks Achieve quantifiable improvement in mean-time-to-remediation for identified vulnerabilities, with defensive cycle times that keep pace with adversary automation Secure documented C-suite commitment from top-tier suppliers to cybersecurity programs Build a scalable operating model that can sustain and accelerate improvements as both the supplier base and the threat landscape evolve Preferred Qualifications Hands-on background in ICS (Industrial Control Systems) or OT (Operational Technology) security.

Hands-on experience with enterprise TPRM platforms and technologies. Direct experience designing or operating agentic AI systems for security operations, threat detection, or third-party risk management Understanding of regulatory frameworks across key manufacturing jurisdictions in APAC, US, and EU Fluency in additional languages relevant to key supplier geographies (e.g., Mandarin). CCISO (Certified Chief Information Security Officer)

• Desirable ISC2 AI security certifications
• Desirable Supply chain and infrastructure expertise from a global supply chain management, infrastructure advisory, or similar organization, with hands-on experience bringing large-scale projects from concept to sustained operation Expertise in supplier cyber defense architecture and practical implementation challenges in manufacturing settings Executive presence with ability to distill complexity into clear narratives for C-suite audiences Influential communicator capable of articulating problems, actions, and results persuasively to senior leadership and external stakeholders Visionary thinker who can design scalable, innovative solutions to novel cybersecurity challenges Collaborative leader skilled at orchestrating cross-functional teams and subject-matter experts toward common goals Track record of moving from concept to measurable impact on compressed timelines Evidence of creative problem-solving in addressing cybersecurity challenges across diverse, hard-to-control environments Minimum Qualifications 20+ years of experience leading cybersecurity or risk management functions, with demonstrated success in team development, motivation, and delivering accelerated results with constrained resources Bachelor's degree; active CISSP certification required Proven history of reducing cyber attacks and minimizing business disruption at scale across large, distributed organizations.

Experience deploying cross-jurisdictional cybersecurity programs with documented effectiveness and measurable outcomes. Demonstrated experience defending against AI-empowered threats and/or leveraging AI to scale defensive operations Deep supply chain and infrastructure expertise, specifically understanding high-tech manufacturing environments and IT/network dependencies in industrial operations. Demonstrated ability to develop scalable initiatives that address emerging threats, including AI-empowered and agentic AI-enabled attacks Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications Working knowledge of AI and agentic AI systems

• how they are built, deployed, and exploited
• and their implications for both attacker capabilities and defensive strategy Familiarity with emerging AI security frameworks and their application to third-party risk Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications ","internalDetails":null Pay & Benefits At Apple, base pay is one part of our total compensation package and is determined within a range.

This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $203,300 and $305,600, and your base pay will depend on your skills, qualifications, experience, and location. Apple employees also have the opportunity to become an Apple shareholder through participation in Apple's discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple's Employee Stock Purchase Plan. You'll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses

• including tuition.

Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about

Apple Benefits Note:

Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.