Senior Detection Engineer

The Detection team within Apple Services Engineering (ASE) is responsible for building advanced detections that protect approximately three-quarters of Apple’s systems and services. We achieve this by partnering closely with engineering teams to develop a deep technical understanding of how these systems operate, along with a comprehensive grasp of the threat landscape. This allows us to build state-of-the-art security detections that proactively defend against real-world attacks. In this role, you’ll drive the development of innovative detection technologies that uncover malicious activity within our existing datasets and alert streams. You’ll need a deep understanding of attacker behavior, along with the technical ability to independently design and build systems that transform large volumes of raw signals into high-fidelity, actionable alerts. We’re looking for someone who’s not just technical, but curious. Someone who’s excited to chase down threats, lead initial investigations, and collaborate closely with other teams to refine and scale our detection capabilities. This role offers the opportunity to shape the future of Apple’s security and make a meaningful impact on the safety and privacy of billions of users worldwide. If you’re passionate about blending code, data, and security to stay one step ahead of attackers, we’d love to hear from you! Description As part of the ASE Detection Team, you will: - Deliver technology and insights to get more value out of existing datasets and detection alerts combining existing datasets and detection signals to surface up high quality alerts and malicious activities. - Deliver technology to facilitate and/or automate efficient initial analysis and investigation of the roll-up alerts, leveraging Slack Ops. - Perform initial triage and security investigation of roll-up alert triggers, then work cross-team if incident response is needed. - Drive improvement in manual response to detection alerts.

Minimum Qualifications

• 7 years of experience developing and delivering technology. 5 years should be hands-on writing code in either Scala or Python.
• Masters Degree in Data Science, Statistics, Mathematics, Computer Science, Engineering, or Information Systems. Educational coursework must have provided a strong foundation in statistical theory, algorithms, and data structures.
• Credible understanding of real attacker behaviors (e.g. threat intelligence, incident response, threat hunting, red teaming, etc).
• Proven track record to incubate technology solutions “from zero to one” with minimal guidance.

Preferred Qualifications

• Experience delivering systems to find very small amounts of signal in a very large dataset that has high noise.
• Publicly accessible source code or published papers related to finding very small amounts of signal in a very large and diverse dataset.
• Experience developing custom slack integrations, and integrating with various ticket tracking systems.
• Experience with kubernetes.
• Experience with web services and databases.
• Experience with syscall events especially around network and process.
• Experience with kernel and virtualization stacks.

Pay & Benefits At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $171,600 and $302,200, and your base pay will depend on your skills, qualifications, experience, and location. Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses - including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits. Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program. Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant . Submit Resume Apply tot his job Apply To this Job