Senior Cybersecurity Expert - Supply Chain Resilience
Operations
Cupertino, CA, USA
USD 203,300-305,600 / year + Equity
Posted on May 6, 2026
Imagine what you could do here. At Apple, new ideas have a way of becoming great products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. As an exceptional Senior Cybersecurity Expert in Global Sourcing & Supply Management, you will lead a transformational initiative safeguarding our global supply chain ecosystem of diverse suppliers against rapidly evolving, AI-empowered cyber threats. With a lean time and expanding scope, this role is pivotal in scaling AI-driven approaches to build attack-proof resilient operations at scale — transforming traditional point-in-time assessments into continuous, AI-augmented assurance while defending against adversaries weaponizing the same technologies. This is a high-impact leadership role requiring a unique blend of cybersecurity expertise, AI fluency, supply chain acumen, and proven ability to drive large-scale, cross-jurisdictional programs that deliver measurable results with constrained resources.
You will tackle one of the most complex cybersecurity challenges in modern supply chain management, in an era where the pace of AI-driven offense is outstripping traditional defense models: Scale & Diversity: Drive consistent cyber resilience across over 1,000 global suppliers with vastly different maturity levels, IT dependencies, manufacturing processes, AI adoption maturity, and infrastructure capabilities spanning multiple geographies AI-Era Threat Landscape: Defend against an adversary ecosystem that is rapidly adopting agentic AI, automated reconnaissance, AI-generated social engineering, deepfake-enabled fraud, and autonomous attack orchestration — while suppliers themselves introduce new attack surfaces through their own accelerating, often ungoverned, AI and agentic AI adoption. Execution: Transform the traditional point-in-time audit and remediation model into a continuous, AI-augmented assurance approach that drives sustained and consistent implementation of security controls across supplier environments and user populations at machine speed Concurrent Transformation: Implement effective cybersecurity practices across the entire supplier base simultaneously, leveraging automation and agentic AI to minimize reliance on sequential or selective remediation Tangible Outcomes: Achieve measurable reduction in ransomware and and AI-enabled attacks and business disruption, prioritizing operational resilience over theoretical compliance
- Design and execute a comprehensive supplier cyber resilience strategy that builds attack-free operations across the entire supplier ecosystem
- Develop scalable, pragmatic frameworks that accommodate varying supplier maturity levels — including their AI adoption posture — while driving consistent outcomes
- Architect innovative & defensible approaches to counter AI-empowered cyber threats in diverse manufacturing environments — agentic adversaries, autonomous attack chains, and AI-powered social engineering, while establishing governance for secure AI adoption within supplier environments
- Translate complex cybersecurity and AI risk challenges into clear problem statements and actionable strategies for executive leadership
- Deploy cross-jurisdictional cybersecurity programs that deliver proven effectiveness and measurable results across global operations at machine speed
- Move beyond traditional audit models to establish AI-augmented continuous monitoring, remediation tracking, and sustained compliance mechanisms
- Use agentic AI to scale assurance, accelerate remediation, and outpace adversary automation
- Build supplier engagement models that drive C-suite commitment, AI risk awareness, and resource allocation with supplier organizations
- Establish metrics and reporting frameworks that demonstrate tangible risk reduction, operational resilience, , and defensive parity against AI-enabled threats
- Partner with Procurement, Operations, Legal, IT, business and engineering teams to integrate cyber resilience into supplier management processes
- Collaborate closely with internal AI governance, responsible AI, and AI security functions to align supplier requirements with enterprise AI strategy
- Leverage internal subject-matter experts across various security functions and orchestrate cross-functional teams toward unified procurement cyber resilience objectives
- Influence and align stakeholders across the organizations to support supplier cybersecurity and AI risk requirements
- Assess diverse manufacturing value chains and tailor cybersecurity approaches to different supplier business models and operational realities, operational realities, and AI adoption profiles
- Develop compelling business cases that motivate supplier leadership to prioritize and invest in cybersecurity improvements and responsible AI
- Create graduated and scalable implementation pathways that enable suppliers of varying sophistication to achieve tangible progress in cyber defense, resilience, and AI risk management
- Establish baseline cyber resilience metrics across the supplier ecosystem
- Deploy AI-augmented continuous monitoring and remediation tracking across all critical suppliers
- Demonstrate measurable reduction in successful ransomware and AI-enabled attacks
- Achieve quantifiable improvement in mean-time-to-remediation for identified vulnerabilities, with defensive cycle times that keep pace with adversary automation
- Secure documented C-suite commitment from top-tier suppliers to cybersecurity programs
- Build a scalable operating model that can sustain and accelerate improvements as both the supplier base and the threat landscape evolve
- 20+ years of experience leading cybersecurity or risk management functions, with demonstrated success in team development, motivation, and delivering accelerated results with constrained resources
- Bachelor's degree; active CISSP certification required
- Proven history of reducing cyber attacks and minimizing business disruption at scale across large, distributed organizations.
- Experience deploying cross-jurisdictional cybersecurity programs with documented effectiveness and measurable outcomes.
- Demonstrated experience defending against AI-empowered threats and/or leveraging AI to scale defensive operations
- Deep supply chain and infrastructure expertise, specifically understanding high-tech manufacturing environments and IT/network dependencies in industrial operations.
- Demonstrated ability to develop scalable initiatives that address emerging threats, including AI-empowered and agentic AI–enabled attacks
- Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications
- Working knowledge of AI and agentic AI systems — how they are built, deployed, and exploited — and their implications for both attacker capabilities and defensive strategy
- Familiarity with emerging AI security frameworks and their application to third-party risk
- Knowledge of varying IT and network dependencies in industrial operations and their cybersecurity implications
- Hands-on background in ICS (Industrial Control Systems) or OT (Operational Technology) security.
- Hands-on experience with enterprise TPRM platforms and technologies.
- Direct experience designing or operating agentic AI systems for security operations, threat detection, or third-party risk management
- Understanding of regulatory frameworks across key manufacturing jurisdictions in APAC, US, and EU
- Fluency in additional languages relevant to key supplier geographies (e.g., Mandarin).
- CCISO (Certified Chief Information Security Officer) – Desirable
- ISC2 AI security certifications – Desirable
- Supply chain and infrastructure expertise from a global supply chain management, infrastructure advisory, or similar organization, with hands-on experience bringing large-scale projects from concept to sustained operation
- Expertise in supplier cyber defense architecture and practical implementation challenges in manufacturing settings
- Executive presence with ability to distill complexity into clear narratives for C-suite audiences
- Influential communicator capable of articulating problems, actions, and results persuasively to senior leadership and external stakeholders
- Visionary thinker who can design scalable, innovative solutions to novel cybersecurity challenges
- Collaborative leader skilled at orchestrating cross-functional teams and subject-matter experts toward common goals
- Track record of moving from concept to measurable impact on compressed timelines
- Evidence of creative problem-solving in addressing cybersecurity challenges across diverse, hard-to-control environments