Detection and Response Software Engineer

Apple•Austin, TX

About The Position

The Apple Services Engineering (ASE) Detection team is responsible for building advanced detections that protect approximately three-quarters of Apple’s systems and services. As our detection program scales, we need sophisticated engineering solutions that enable more effective detection creation, investigation, and response. Join Apple, and help us build world-class detection and response platforms that protect billions of users. We’re looking for a Detection and Response Software Engineer who is passionate about building tools and platforms that multiply the effectiveness of security teams. In this role, you’ll design and implement engineering solutions that automate investigation workflows, enrich alerts with contextual data, enable rapid incident response, and leverage cutting-edge technologies including GenAI to transform how we approach detection and response. This is a software engineering role with a security mission. You’ll need strong development fundamentals, experience shipping production-quality code, and the ability to work at the bleeding edge of technology. We’re looking for engineers who embrace GenAI-assisted development while maintaining rigorous engineering standards and best practices. If you’re excited about building platforms that empower security teams and want to shape the future of detection engineering at scale, we’d love to hear from you! DESCRIPTION As a Detection and Response Software Engineer on the ASE Detection Team, you will: Design and build engineering platforms that enable efficient detection creation, alert enrichment, automated investigation, and incident response workflows Develop automation solutions that transform raw security signals into high-fidelity, actionable alerts through correlation, enrichment, and intelligent processing Build integrations with collaboration platforms (Slack, Teams), ticketing systems, and security tools to enable seamless “SlackOps” and automated response workflows Leverage GenAI technologies to create next-generation detection and investigation tools, applying modern AI-assisted development techniques while ensuring reliability and security Establish engineering requirements for detection-as-code frameworks, testing methodologies, and deployment pipelines Collaborate with detection engineers to understand operational pain points and translate requirements into scalable technical solutions

Requirements

5+ years of professional software development experience with demonstrated ability to ship production-quality code
Strong proficiency in Python with experience building production services, APIs, or data processing pipelines
Bachelor’s degree in Computer Science, Software Engineering, or related technical field, or equivalent professional experience
Experience with software engineering fundamentals: version control (Git), testing frameworks, CI/CD pipelines, code review practices
Demonstrable coding skills through one or more of: active GitHub profile with personal projects, contributions to open-source projects, technical blog, or portfolio of shipped software

Nice To Haves

Proficiency in Swift, particularly for building macOS/iOS tools or applications
Experience applying GenAI/LLM technologies to software development, including prompt engineering, code generation workflows, and AI-assisted development best practices
Hands-on experience with large-scale data processing frameworks (Apache Spark, Databricks, pandas) or distributed systems
Experience building Slack bots, integrations, or custom ChatOps workflows
Familiarity with Kubernetes, container orchestration, and cloud-native application development
Experience with web services, RESTful API design, and database systems
Knowledge of security concepts: threat modeling, detection engineering, incident response, or security operations
Experience building developer tools, internal platforms, or infrastructure-as-code solutions
Active participation in technical communities: conference talks, blog posts, open-source maintainer, or published technical writing
Track record of rapidly prototyping solutions and iterating based on user feedback
Understanding of the challenges of building detection systems at scale (signal-to-noise ratios, false positive management, alert fatigue)

Responsibilities

Design and build engineering platforms that enable efficient detection creation, alert enrichment, automated investigation, and incident response workflows
Develop automation solutions that transform raw security signals into high-fidelity, actionable alerts through correlation, enrichment, and intelligent processing
Build integrations with collaboration platforms (Slack, Teams), ticketing systems, and security tools to enable seamless “SlackOps” and automated response workflows
Leverage GenAI technologies to create next-generation detection and investigation tools, applying modern AI-assisted development techniques while ensuring reliability and security
Establish engineering requirements for detection-as-code frameworks, testing methodologies, and deployment pipelines
Collaborate with detection engineers to understand operational pain points and translate requirements into scalable technical solutions

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume