Detection and Response Software Engineer

The Apple Services Engineering (ASE) Detection team is responsible for building advanced detections that protect approximately three-quarters of Apple's systems and services. As our detection program scales, we need sophisticated engineering solutions that enable more effective detection creation, investigation, and response. Join Apple, and help us build world-class detection and response platforms that protect billions of users.\\n\\nWe're looking for a Detection and Response Software Engineer who is passionate about building tools and platforms that multiply the effectiveness of security teams. In this role, you'll design and implement engineering solutions that automate investigation workflows, enrich alerts with contextual data, enable rapid incident response, and leverage cutting-edge technologies including GenAI to transform how we approach detection and response.\\n\\nThis is a software engineering role with a security mission. You'll need strong development fundamentals, experience shipping production-quality code, and the ability to work at the bleeding edge of technology. We're looking for engineers who embrace GenAI-assisted development while maintaining rigorous engineering standards and best practices.\\nIf you're excited about building platforms that empower security teams and want to shape the future of detection engineering at scale, we'd love to hear from you!

As a Detection and Response Software Engineer on the ASE Detection Team, you will:\n\nDesign and build engineering platforms that enable efficient detection creation, alert enrichment, automated investigation, and incident response workflows\n\nDevelop automation solutions that transform raw security signals into high-fidelity, actionable alerts through correlation, enrichment, and intelligent processing\n\nBuild integrations with collaboration platforms (Slack, Teams), ticketing systems, and security tools to enable seamless "SlackOps" and automated response workflows\n\nLeverage GenAI technologies to create next-generation detection and investigation tools, applying modern AI-assisted development techniques while ensuring reliability and security\n\nEstablish engineering requirements for detection-as-code frameworks, testing methodologies, and deployment pipelines\n\nCollaborate with detection engineers to understand operational pain points and translate requirements into scalable technical solutions\n\n

\n5+ years of professional software development experience with demonstrated ability to ship production-quality code\nStrong proficiency in Python with experience building production services, APIs, or data processing pipelines\nBachelor's degree in Computer Science, Software Engineering, or related technical field, or equivalent professional experience\nExperience with software engineering fundamentals: version control (Git), testing frameworks, CI/CD pipelines, code review practices\nDemonstrable coding skills through one or more of: active GitHub profile with personal projects, contributions to open-source projects, technical blog, or portfolio of shipped software

\nProficiency in Swift, particularly for building macOS/iOS tools or applications\nExperience applying GenAI/LLM technologies to software development, including prompt engineering, code generation workflows, and AI-assisted development best practices\nHands-on experience with large-scale data processing frameworks (Apache Spark, Databricks, pandas) or distributed systems\nExperience building Slack bots, integrations, or custom ChatOps workflows\nFamiliarity with Kubernetes, container orchestration, and cloud-native application development\nExperience with web services, RESTful API design, and database systems\nKnowledge of security concepts: threat modeling, detection engineering, incident response, or security operations\nExperience building developer tools, internal platforms, or infrastructure-as-code solutions\nActive participation in technical communities: conference talks, blog posts, open-source maintainer, or published technical writing\nTrack record of rapidly prototyping solutions and iterating based on user feedback\nUnderstanding of the challenges of building detection systems at scale (signal-to-noise ratios, false positive management, alert fatigue)