Summary

Posted: Oct 25, 2023
Weekly Hours: 40
Role Number: 200512647

Apple is seeking an outstanding Application Compliance Engineer to focus on the design and delivery of audit controls and processes within the Wallet and Payment Engineering Team. We believe it's the diversity of these people and their ideas that inspires the innovation that runs through everything we do, from amazing technology to industry-leading environmental efforts. Join Apple to become a part of our dedicated team!

Are you a highly technical, hands-on person with experience and expertise in regulatory and compliance within the financial services and banking sectors, handling controls in sophisticated environments? The successful candidate will drive the implementation and testing of appropriate controls and audit requirements with internal and external business units!

Key Qualifications

Understanding of the wider FinTech industry, mobile payments, global banking, Card network and associated regulatory requirements.
Solid understanding of Payment entities (Domestic & international Card Network, Issuing bank, Acquiring bank, PSPs, Payment Gateways etc.)
Experience with compliance controls including but not limited to PCI DSS, PCI PIN, PCI PTS, PCI 3DS, APN, SOC1 & SOC2, SOX, GDPR and other global laws and regulation requirements
Engineer innovative processes, solutions and tooling for Compliance.
Advanced knowledge of IT security risk frameworks and relevant compliance regulations.
Track compliance gaps and ensure work to remediate gaps meets deadlines
6+ years experience in payments (Issuer/Acquirer/Card network/Payment Gateway etc.).
4+ years experience in payments compliance projects
Proven understanding of technical application flows and security architectures
Familiarity with public/private/hybrid cloud concepts (GCP, AWS, Azure), IaaS, PaaS and SaaS Services (compute, storage, network, security, administration, automation, application services, databases) in either native cloud or hybrid-cloud environments

Description

Work with application engineering, infrastructure, and corporate compliance teams to design and implement accurate controls.
Serve as an advisor to Engineering, Security, and Business process teams to assist them in supporting compliance efforts.
Sample and test compliance controls to ensure efficiency.
Identify and remediate control gaps and deficiencies.
Work with external auditing teams and business assurance to perform full audits.
Partner with external teams to gain acceptance of compliance projects.
Foster a strong security and compliance culture throughout the team.

Education & Experience

Bachelor of Science in Computer Science and 6+ years experience
Hands-on technology operations in large enterprise environments
CISSP and CISA are not required but a plus

Additional Requirements

Providing cloud strategy services that cover all security compliance fabrics.
Understanding of key infrastructure including micro-services architectures, Git, code repositories, Infrastructure-as-Code, Kubernetes, CI/CD frameworks.
Knowledge of key compliance practices around security assessments, penetration testing, vulnerability management and identity access management.
Knowledge of Payment device L1, L2, L3 certification, EMV, HSM, cryptography etc.
Experience with compliance controls for COTS device (Commercial Off The Shelf) including but not limited to PCI CPOC, PCI SPOC