Senior Cybersecurity Expert – Supply Chain Resilience

You will tackle one of the most complex cybersecurity challenges in modern supply chain management, in an era where the pace of AI-driven offense is outstripping traditional defense models:

Scale & Diversity: Drive consistent cyber resilience across over 1,000 global suppliers with vastly different maturity levels, IT dependencies, manufacturing processes, AI adoption maturity, and infrastructure capabilities spanning multiple geographies

AI-Era Threat Landscape: Defend against an adversary ecosystem that is rapidly adopting agentic AI, automated reconnaissance, AI-generated social engineering, deepfake-enabled fraud, and autonomous attack orchestration — while suppliers themselves introduce new attack surfaces through their own accelerating, often ungoverned, AI and agentic AI adoption.

Execution: Transform the traditional point-in-time audit and remediation model into a continuous, AI-augmented assurance approach that drives sustained and consistent implementation of security controls across supplier environments and user populations at machine speed

Concurrent Transformation: Implement effective cybersecurity practices across the entire supplier base simultaneously, leveraging automation and agentic AI to minimize reliance on sequential or selective remediation

Tangible Outcomes: Achieve measurable reduction in ransomware and and AI-enabled attacks and business disruption, prioritizing operational resilience over theoretical compliance

Design and execute a comprehensive supplier cyber resilience strategy that builds attack-free operations across the entire supplier ecosystem
Develop scalable, pragmatic frameworks that accommodate varying supplier maturity levels — including their AI adoption posture — while driving consistent outcomes
Architect innovative & defensible approaches to counter AI-empowered cyber threats in diverse manufacturing environments — agentic adversaries, autonomous attack chains, and AI-powered social engineering, while establishing governance for secure AI adoption within supplier environments
Translate complex cybersecurity and AI risk challenges into clear problem statements and actionable strategies for executive leadership
Deploy cross-jurisdictional cybersecurity programs that deliver proven effectiveness and measurable results across global operations at machine speed
Move beyond traditional audit models to establish AI-augmented continuous monitoring, remediation tracking, and sustained compliance mechanisms
Use agentic AI to scale assurance, accelerate remediation, and outpace adversary automation
Build supplier engagement models that drive C-suite commitment, AI risk awareness, and resource allocation with supplier organizations
Establish metrics and reporting frameworks that demonstrate tangible risk reduction, operational resilience, , and defensive parity against AI-enabled threats
Partner with Procurement, Operations, Legal, IT, business and engineering teams to integrate cyber resilience into supplier management processes
Collaborate closely with internal AI governance, responsible AI, and AI security functions to align supplier requirements with enterprise AI strategy
Leverage internal subject-matter experts across various security functions and orchestrate cross-functional teams toward unified procurement cyber resilience objectives
Influence and align stakeholders across the organizations to support supplier cybersecurity and AI risk requirements
Assess diverse manufacturing value chains and tailor cybersecurity approaches to different supplier business models and operational realities, operational realities, and AI adoption profiles
Develop compelling business cases that motivate supplier leadership to prioritize and invest in cybersecurity improvements and responsible AI
Create graduated and scalable implementation pathways that enable suppliers of varying sophistication to achieve tangible progress in cyber defense, resilience, and AI risk management
Establish baseline cyber resilience metrics across the supplier ecosystem
Deploy AI-augmented continuous monitoring and remediation tracking across all critical suppliers
Demonstrate measurable reduction in successful ransomware and AI-enabled attacks
Achieve quantifiable improvement in mean-time-to-remediation for identified vulnerabilities, with defensive cycle times that keep pace with adversary automation
Secure documented C-suite commitment from top-tier suppliers to cybersecurity programs
Build a scalable operating model that can sustain and accelerate improvements as both the supplier base and the threat landscape evolve

20+ years of experience leading cybersecurity or risk management functions, with demonstrated success in team development, motivation, and delivering accelerated results with constrained resources
Bachelor's degree; active CISSP certification required
Proven history of reducing cyber attacks and minimizing business disruption at scale across large, distributed organizations.
Experience deploying cross-jurisdictional cybersecurity programs with documented effectiveness and measurable outcomes.
Demonstrated experience defending against AI-empowered threats and/or leveraging AI to scale defensive operations
Deep supply chain and infrastructure expertise, specifically understanding high-tech manufacturing environments and IT/network dependencies in industrial operations.
Demonstrated ability to develop scalable initiatives that address emerging threats, including AI-empowered and agentic AI–enabled attacks
Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications
Working knowledge of AI and agentic AI systems — how they are built, deployed, and exploited — and their implications for both attacker capabilities and defensive strategy
Familiarity with emerging AI security frameworks and their application to third-party risk
Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications

Hands-on background in ICS (Industrial Control Systems) or OT (Operational Technology) security.
Hands-on experience with enterprise TPRM platforms and technologies.
Direct experience designing or operating agentic AI systems for security operations, threat detection, or third-party risk management
Understanding of regulatory frameworks across key manufacturing jurisdictions in APAC, US, and EU
Fluency in additional languages relevant to key supplier geographies (e.g., Mandarin).
CCISO (Certified Chief Information Security Officer) – Desirable
ISC2 AI security certifications – Desirable
Supply chain and infrastructure expertise from a global supply chain management, infrastructure advisory, or similar organization, with hands-on experience bringing large-scale projects from concept to sustained operation
Expertise in supplier cyber defense architecture and practical implementation challenges in manufacturing settings
Executive presence with ability to distill complexity into clear narratives for C-suite audiences
Influential communicator capable of articulating problems, actions, and results persuasively to senior leadership and external stakeholders
Visionary thinker who can design scalable, innovative solutions to novel cybersecurity challenges
Collaborative leader skilled at orchestrating cross-functional teams and subject-matter experts toward common goals
Track record of moving from concept to measurable impact on compressed timelines
Evidence of creative problem-solving in addressing cybersecurity challenges across diverse, hard-to-control environments

Imagine what you could do here. At Apple, new ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish.

As an exceptional Senior Cybersecurity Expert in Global Sourcing & Supply Management, you will lead a transformational initiative safeguarding our global supply chain ecosystem of diverse suppliers against rapidly evolving, AI-empowered cyber threats. With a lean time and expanding scope, this role is pivotal in scaling AI-driven approaches to build attack-proof resilient operations at scale — transforming traditional point-in-time assessments into continuous, AI-augmented assurance while defending against adversaries weaponizing the same technologies. This is a high-impact leadership role requiring a unique blend of cybersecurity expertise, AI fluency, supply chain acumen, and proven ability to drive large-scale, cross-jurisdictional programs that deliver measurable results with constrained resources.

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $203,300 and $305,600, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant

At Apple, we believe accessibility is a fundamental human right. You’ll find that idea reflected in everything here — in our culture, our benefits and our digital tools. By welcoming as many perspectives as possible, we help you build a career where you feel like you belong.

Learn about accessibility in Apple’s workplace

Learn about reasonable accommodations for job applicants

Apple accepts applications to this posting on an ongoing basis.