Detection Engineer

14 Minutes ago • 5 Years + • $181,100 PA - $272,100 PA
Cyber Security

Job Description

At Apple, new ideas quickly become extraordinary products and experiences. This role is for an exceptional engineer to join the global Detection & Response team. It's a hands-on technical position focused on creating, testing, and maintaining Apple’s threat detection software. Responsibilities include adhering to the detection development lifecycle, quantifying software efficacy with attack simulation, formulating new detection ideas, driving security telemetry and response tool requirements, and automating incident triage and response. This is a collaborative environment where innovation is key.
Good To Have:
  • Experience leading or mentoring detection engineering efforts, or demonstrated readiness to lead a regional team in the future.
  • Hands-on experience with automated incident response and containment tooling (SOAR platforms, custom scripts, etc.).
  • Familiarity with Apple-scale detection challenges, including scaling detection-as-a-service (DD platform, FACNET, Skywagon, etc.).
  • Passion for building tools and platforms that enable other engineers, not just writing detections.
  • Holds relevant industry certifications (e.g., GIAC, OSCP, AWS Security Specialty).
  • High ownership mindset — thrives in fast-paced environments and adapts to ambiguity.
  • A sharp eye for automation opportunities and eliminating repetitive work.
  • Strong interpersonal skills with a team-first attitude — approachable, constructive, and solution-oriented.
Must Have:
  • Provide feedback on and adhere to the detection development lifecycle.
  • Quantify the efficacy of Apple’s detection software with attack simulation and red team collaboration.
  • Formulate new detection ideas based on newly published research, industry trends, or major incidents.
  • Drive the requirements for Apple’s security telemetry and response tools.
  • Automate the triage and response to security incidents.
  • 5+ years of experience in security engineering, threat detection, or incident response.
  • Proven ability to write and tune detections for cloud, SaaS, and endpoint environments.
  • Strong software development background with hands-on experience in Apache Spark, SQL, GitHub workflows, and CI/CD practices.
  • Knowledge of MITRE ATT&CK, threat modeling, and common attacker techniques.
  • Demonstrated experience analyzing telemetry from logs (endpoint, network, or application).
  • Solid understanding of cloud environments (AWS, GCP, or Azure) and cloud-native security logging.
  • Exceptional written and verbal communication skills.
  • Track record of team collaboration and working well in globally distributed environments.
Perks:
  • Opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs.
  • Eligibility for discretionary restricted stock unit awards.
  • Ability to purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan.
  • Comprehensive medical and dental coverage.
  • Retirement benefits.
  • A range of discounted products and free services.
  • Reimbursement for certain educational expenses (including tuition) for formal education related to advancing your career at Apple.
  • Eligibility for discretionary bonuses or commission payments.
  • Relocation assistance.


Imagine what you could do here. At Apple, new ideas have a way of becoming extraordinary products, services, and customer experiences very quickly. Bring passion and dedication to your job and there's no telling what you could accomplish. We’re a diverse collection of thinkers and doers, continually reimagining our products, systems, and practices to help people do what they love in new ways. This is a deeply collaborative place, where everything we create is the result of people in different roles and teams working together to make each other’s ideas stronger. That same passion for innovation that goes into our products also applies to our practices, strengthening our commitment to leave the world better than we found it.

Apple is seeking an exceptional engineer to join its global Detection & Response team. This is a hands-on technical role which involves the creation, testing, and maintenance of Apple’s threat detection software. Additional responsibilities include:

  • Provide feedback on and adhere to the detection development lifecycle.
  • Quantify the efficacy of Apple’s detection software with attack simulation and red team collaboration.
  • Formulate new detection ideas based on newly published research, industry trends, or major incidents.
  • Drive the requirements for Apple’s security telemetry and response tools.
  • Automate the triage and response to security incidents.
  • 5+ years of experience in security engineering, threat detection, or incident response.
  • Proven ability to write and tune detections for cloud, SaaS, and endpoint environments.
  • Strong software development background with hands-on experience in Apache Spark, SQL, GitHub workflows, and CI/CD practices.
  • Knowledge of MITRE ATT&CK, threat modeling, and common attacker techniques.
  • Demonstrated experience analyzing telemetry from logs (endpoint, network, or application).
  • Solid understanding of cloud environments (AWS, GCP, or Azure) and cloud-native security logging.
  • Exceptional written and verbal communication skills — can collaborate cross-functionally and write clear detection logic or proposals.
  • Track record of team collaboration and working well in globally distributed environments.
  • Experience leading or mentoring detection engineering efforts, or demonstrated readiness to lead a regional team in the future.
  • Hands-on experience with automated incident response and containment tooling (SOAR platforms, custom scripts, etc.).
  • Familiarity with Apple-scale detection challenges, including scaling detection-as-a-service (DD platform, FACNET, Skywagon, etc.).
  • Passion for building tools and platforms that enable other engineers, not just writing detections.
  • Holds relevant industry certifications (e.g., GIAC, OSCP, AWS Security Specialty).
  • High ownership mindset — thrives in fast-paced environments and adapts to ambiguity.
  • A sharp eye for automation opportunities and eliminating repetitive work.
  • Strong interpersonal skills with a team-first attitude — approachable, constructive, and solution-oriented.

At Apple, base pay is one part of our total compensation package and is determined within a range. This provides the opportunity to progress as you grow and develop within a role. The base pay range for this role is between $181,100 and $272,100, and your base pay will depend on your skills, qualifications, experience, and location.

Apple employees also have the opportunity to become an Apple shareholder through participation in Apple’s discretionary employee stock programs. Apple employees are eligible for discretionary restricted stock unit awards, and can purchase Apple stock at a discount if voluntarily participating in Apple’s Employee Stock Purchase Plan. You’ll also receive benefits including: Comprehensive medical and dental coverage, retirement benefits, a range of discounted products and free services, and for formal education related to advancing your career at Apple, reimbursement for certain educational expenses — including tuition. Additionally, this role might be eligible for discretionary bonuses or commission payments as well as relocation. Learn more about Apple Benefits.

Note: Apple benefit, compensation and employee stock programs are subject to eligibility requirements and other terms of the applicable plan or program.

Apple is an equal opportunity employer that is committed to inclusion and diversity. We seek to promote equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.
