Threat Intelligence Engineer - Apple Information Security

Full Time
Santa Clara, CA
Areas of Interest: Threat Analysis, Vulnerability Assessment and Management
report a problem

Do your life’s best work here. 
With the whole world watching.

The people here at Apple don’t just create products — they create the kind of wonder that’s revolutionized entire industries. It’s the diversity of those people and their ideas that inspires the innovation that runs through everything we do, from amazing technology to industry-leading environmental efforts. Join Apple, and help us leave the world better than we found it.

Where do you see yourself at Apple?

This role is responsible for threat intelligence analysis efforts to support customers and strengthen Apple’s information security posture. This individual will help build and expand Apple’s threat intelligence capability, to include: Agile Software Development - leverage agile techniques to develop solutions for intelligence customers, threat intelligence analysts, and members of Information Security Implementation - implement solutions for customers and the threat intelligence team as needed Data integration - implement and maintain API integrations between intelligence sources Analytics and Enrichment - identify opportunities and implement solutions for data enrichment, fusion analysis, and source evaluation The solutions designed and developed by this individual are intended to provide analytic insight to all groups within Apple who are at risk from intrusions and provide contextual information to teams that are responsible for detection.

Key Qualifications

  • Lead engineering efforts to design and implement solutions that support the threat intelligence team and intelligence customer needs
  • Implement automated ways of measuring the effectiveness of the threat intelligence program to include the number of indicators produced from analysis, number of incidents detected from analysis and number of reports generated and disseminated to Apple groups
  • Foster relationships with teams inside and outside of Information Security to understand and meet their collection and reporting requirements for threat intelligence
  • Influence what data sources need to be collected to perform threat intelligence analysis to better protect Apple employees and users from a wide range of cyber threats.
  • Follow operational security (OPSEC) best practices to ensure Apple is not responsible for damaging the credibility, security, or reputation of any intel sources.
  • Identify engineering opportunities to enhance detection systems and security controls to counter known threats.


Proven track record designing and implementing scalable, large-scale data storage and analysis platforms to organize and search vast amounts of intelligence data Ability to lead development efforts in a fast-paced environment Experience implementing real-time API-based data integrations and enrichment pipelines across a wide variety of source formats Ability to work with business partners and technical contacts to understand and address their intelligence needs Experience designing and implementing PaaS and on-demand computing platform applications Experience with indicator sharing formats and platforms - including STIX, TAXII, and OpenIOC Understanding of malware samples, forensic artifacts, command and control session data, actor information, and attacker infrastructure maps Knowledge of cyber threat landscape - including tracked actors, commonly used TTPs, and targets of past campaigns Experience developing network protocol parsers and processing full PCAP data Experience with malware classification via dynamic analysis, and static signature matching, and analysis to cluster malware samples into distinguishable families Familiarity with target-centric intelligence analysis with a focus on cyber threats Understanding of current threat detection tools and technologies Familiarity with forensics tools and techniques including memory analysis, disk metadata analysis, and file carving Familiarity with intelligence link analysis tools used to model relationships between intelligence items - including Maltego, Analyst’s Notebook, and Palantir

Apple is an Equal Employment Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities. If you'd like more information about your EEO rights as an applicant, please click here. Apple will not discriminate or retaliate against applicants who inquire about, disclose, or discuss their compensation or that of other applicants. For more information, please click here. Apple will consider for employment all qualified applicants with criminal histories in a manner consistent with applicable law. If you are applying for a position in San Francisco, please click here.

Apple participates in the E-Verify program in certain locations as required by law. Apple is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Learn more. Apple is a drug-free workplace. Learn more.

Share this job:


Passion works here.
Apple revolutionized personal technology with the introduction of the Macintosh in 1984. Today, Apple leads the world in innovation with iPhone, iPad, the Mac and Apple Watch. Apple’s three software platforms — iOS, OS X and watchOS — provide seamless experiences across all Apple devices and empower people with breakthrough services including the App Store, Apple Music, Apple Pay and iCloud. Apple’s 100,000 employees are dedicated to making the best products on earth, and to leaving the world better than we found it. 

Apple is an Equal Employment Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities.

Innovative product development, world class operations, Retail, Telephone Support
Visit Apple's Social Media pages:
Company Industry: Consumer Electronics
Company Type: Public Company
Company Size: 10,001+