DevOps Software Engineer- Threat Intelligence

Job Description:

As part of Apple's Security Engineering & Architecture (SEAR) organization, you'll join our mission to create the world's most secure products. We are committed to building groundbreaking tools that empower our threat intelligence analysts to detect, investigate, and respond to emerging threats faster and with greater confidence. We are seeking a DevOps Software Engineer to take ownership of security research prototypes and scaling them into reliable, production-grade services. By combining infrastructure and software development, you will directly contribute to our mission to create the world's most secure products.
A strong candidate for this role is passionate about building reliable, secure, and scalable infrastructure that directly amplifies threat intelligence impact. You will work closely with threat intelligence analysts, located worldwide, to transform internal analysis tools - including intelligence triage tools, threat correlation platforms, indicator enrichment systems, and ML-powered data intelligence engines - into reliable and robust production services that keep pace with the dynamic environment at Apple. You will own the complete journey: from evaluating prototype readiness and hardening codebases for scale, through deployment, to ongoing reliable operation. On the development side, you will assess threat intelligence codebases and tooling for production readiness, extend and improve them for scale, and build the service APIs and integrations that make them reliable, robust, and performant. On the infrastructure side, you will design containerized deployments, establish CI/CD pipelines, implement secrets management and access controls, and build monitoring and observability practices that keep platforms performant and secure.
Experience designing and operating cloud and on-premises service infrastructure, with advanced knowledge of containerization, Kubernetes, data storage, networking, authentication/authorization (OIDC, OAuth), queuing, logging, and monitoring. Advanced knowledge in scripting and programming languages, including Python and Bash as well as familiarity with AI/ML workflows and agents. Experience with CI/CD pipelines and automation tooling (e.g., Jenkins, GitHub Actions, or equivalent), and observability stacks (e.g., Prometheus, Grafana, OpenSearch/ELK). Self-starter with strong ownership, accountability, and ability to work autonomously and collaboratively across teams and organizations in a fast-paced environment.
Prior experience working with threat research or threat intelligence teams. Intellectually curious team player with a growth mindset and a genuine passion for finding, understanding, and mitigating cyber threats. Experience with and/or strong enthusiasm for security, especially offensive security and threat research. Prior experience working with large-scale data pipelines and storage systems. Remote work, with occasional travel