Security Monitoring Engineer

Austin, Texas, United States
Software and Services


Weekly Hours: 40
Role Number:200548128
People at Apple don’t just build products — they craft the kind of experience that have revolutionized entire industries. The diverse collection of our people and their ideas inspire innovation in everything we do. Imagine what you could do here! Join Apple, and help us leave the world better than we found it. The Apple Service Engineering (ASE) team builds and provides systems and infrastructure that fuel Apple’s services (such as iCloud, iTunes, Siri, and Maps). We are the foundation on which Apple’s software developers build the products that our customers love. Our services have to scale globally, stay highly available, and "just work.” If you love designing, engineering and running systems and infrastructure that will help millions of customers, then this is the place for you! We are looking for a hard-working and versatile Security Monitoring Engineer who will focus on creating fundamental security services, addressing identity and authorization challenges on a large scale within the ASE organization. Success in this role requires individuals to possess a blend of profound technical expertise, extensive knowledge in security, and substantial experience in large-scale operations.


As a security monitoring engineer on the ASE Security Team, you play a key role in protecting Apple Services customer data from so called “business layer” risks including insider threat and compromised accounts. You will closely partner with industry experts from engineering, security, privacy, and legal to deep dive on log data; create jobs to collect data from a heterogeneous environment of in house RESTful APIs and databases; and create detections for known bad patterns & outlier behavior. You will deliver alerts and key reports to ASE stakeholders like ASE Security Operations, privacy, compliance, and legal.

Minimum Qualifications

  • Requires at least 5 years of relevant industry experience
  • Experience analyzing and interpreting large volumes of data to identify potential threats and security incidents
  • Experience implementing security detections and with at least one of the following languages: Python, Scala, Java
  • Experience with large scale log aggregation/SIEM systems like Splunk, Exabeam, LogRhythm, etc.

Key Qualifications

Preferred Qualifications

  • Nice to have: Experience implementing Data Engineering patterns with Spark, Databricks, pandas, or SQL
  • Nice to have: An understanding of attacker exploit and evasion techniques
  • A Computer Science or engineering degree is preferred, but not required

Education & Experience

Additional Requirements

  • Apple is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, Veteran status, or other legally protected characteristics. Learn more about your EEO rights as an applicant.