About the job
The Apple Services Engineering (ASE) Detection team is responsible for building advanced detections that protect approximately three-quarters of Apple’s systems and services. As our detection program scales, we need sophisticated engineering solutions that enable more effective detection creation, investigation, and response. Join Apple, and help us build world-class detection and response platforms that protect billions of users.
Responsibilities
Design and build engineering platforms that enable efficient detection creation, alert enrichment, automated investigation, and incident response workflows
Develop automation solutions that transform raw security signals into high-fidelity, actionable alerts through correlation, enrichment, and intelligent processing
Build integrations with collaboration platforms (Slack, Teams), ticketing systems, and security tools to enable seamless “SlackOps” and automated response workflows
Leverage GenAI technologies to create next-generation detection and investigation tools, applying modern AI-assisted development techniques while ensuring reliability and security
Establish engineering requirements for detection-as-code frameworks, testing methodologies, and deployment pipelines
Collaborate with detection engineers to understand operational pain points and translate requirements into scalable technical solutions
Qualifications
Minimum
5+ years of professional software development experience with demonstrated ability to ship production-quality code
Strong proficiency in Python with experience building production services, APIs, or data processing pipelines
Bachelor’s degree in Computer Science, Software Engineering, or a related technical field, or equivalent professional experience
Experience with software engineering fundamentals: version control (Git), testing frameworks, CI/CD pipelines, code review practices
Demonstrable coding skills through one or more of: active GitHub profile with personal projects, contributions to open-source projects, technical blog, or portfolio of shipped software
Preferred
Proficiency in Swift, particularly for building macOS/iOS tools or applications
Experience applying GenAI/LLM technologies to software development, including prompt engineering, code generation workflows, and AI-assisted development best practices
Hands-on experience with large-scale data processing frameworks (Apache Spark, Databricks, pandas) or distributed systems
Experience building Slack bots, integrations, or custom ChatOps workflows
Familiarity with Kubernetes, container orchestration, and cloud-native application development
Experience with web services, RESTful API design, and database systems
Knowledge of security concepts: threat modeling, detection engineering, incident response, or security operations
Experience building developer tools, internal platforms, or infrastructure-as-code solutions
Active participation in technical communities: conference talks, blog posts, open-source maintainership, or published technical writing
Track record of rapidly prototyping solutions and iterating based on user feedback
Understanding of the challenges of building detection systems at scale (signal-to-noise ratios, false positive management, alert fatigue)