DevOps Software Engineer Lead - Threat Intelligence, SEAR

Summary

Posted: 21 Apr 2026

Role Number:

As part of Apple's Security Engineering & Architecture (SEAR) organization, you'll join our mission to create the world's most secure products. We are committed to building groundbreaking tools that empower our threat intelligence analysts to detect, investigate, and respond to emerging threats faster and with greater confidence. We are seeking a Dev Ops Software Engineer to take ownership of security research prototypes and scaling them into reliable, production-grade services.

By combining infrastructure and software development, you will directly contribute to our mission to create the world's most secure products.

A strong candidate for this role is passionate about building reliable, secure, and scalable infrastructure that directly amplifies threat intelligence impact. You will work closely with threat intelligence analysts, located worldwide, to transform internal analysis tools — including intelligence triage tools, threat correlation platforms, indicator enrichment systems, and ML-powered data intelligence engines — into reliable and robust production services that keep pace with the dynamic environment  will own the complete journey: from evaluating prototype readiness and hardening codebases for scale, through deployment, to ongoing reliable operation.

On the development side, you will assess threat intelligence codebases and tooling for production readiness, extend and improve them for scale, and build the service APIs and integrations that make them reliable, robust, and performant. On the infrastructure side, you will design containerized deployments, establish CI/CD pipelines, implement secrets management and access controls, and build monitoring and observability practices that keep platforms performant and secure.

• You will be directly responsible for Dev Ops support across our threat intelligence teams — gathering requirements, architecting solutions, leading rollouts, and communicating progress and impact to engineers, managers, and leaders across the organization. You will bring equal rigor to code quality, security posture, and operational excellence — balancing all three to maximize SEAR's ability to proactively secure Apple products at scale.

• Experience designing and operating cloud and on-premises service infrastructure, with advanced knowledge of containerization, Kubernetes, data storage, networking, authentication/authorization (OIDC, OAuth), queuing, logging, and monitoring.
• Advanced knowledge in scripting and programming languages, including Python and Bash as well as familiarity with AI/ML workflows and agents.
• Experience with CI/CD pipelines and automation tooling (e.g., Jenkins, Git Hub Actions, or equivalent), and observability stacks (e.g., Prometheus, Grafana, Open Search/ELK).
• Self-starter with strong ownership, accountability, and ability to work autonomously and collaboratively across teams and organizations in a fast-paced environment.

• Prior experience working with threat research or threat intelligence teams.
• Intellectually curious team player with a growth mindset and a genuine passion for finding, understanding, and mitigating cyber threats.
• Experience with and/or strong enthusiasm for security, especially offensive security and threat research.
• Prior experience working with large-scale data pipelines and storage systems.
• Remote work, with occasional travel.

We draw on differences in who we are, what we've experienced, and how we think. To create products that serve everyone, we believe in including everyone. We are committed to treating all applicants fairly and equally. As a registered Disability Confident employer, we will work with applicants to make any reasonable accommodations. Apple will consider for employment all qualified applicants with criminal backgrounds in a manner consistent with applicable law.