Threat Intelligence Engineer - Apple Information Security
This role is responsible for threat intelligence analysis efforts to support customers and strengthen Apple’s information security posture. This individual will help build and expand Apple’s threat intelligence capability, to include:
- Agile Software Development: leverage agile techniques to develop solutions for intelligence customers, threat intelligence analysts, and members of Information Security
- Implementation: implement solutions for customers and the threat intelligence team as needed
- Data integration: implement and maintain API integrations between intelligence sources
- Analytics and Enrichment: identify opportunities and implement solutions for data enrichment, fusion analysis, and source evaluation

The solutions designed and developed by this individual are intended to provide analytic insight to all groups within Apple who are at risk from intrusions and provide contextual information to teams that are responsible for detection.
- Lead engineering efforts to design and implement solutions that support the threat intelligence team and intelligence customer needs
- Implement automated ways of measuring the effectiveness of the threat intelligence program to include the number of indicators produced from analysis, number of incidents detected from analysis and number of reports generated and disseminated to Apple groups
- Foster relationships with teams inside and outside of Information Security to understand and meet their collection and reporting requirements for threat intelligence
- Influence what data sources need to be collected to perform threat intelligence analysis to better protect Apple employees and users from a wide range of cyber threats.
- Follow operational security (OPSEC) best practices to ensure Apple is not responsible for damaging the credibility, security, or reputation of any intel sources.
- Identify engineering opportunities to enhance detection systems and security controls to counter known threats.
- Proven track record designing and implementing scalable, large-scale data storage and analysis platforms to organize and search vast amounts of intelligence data
- Ability to lead development efforts in a fast-paced environment
- Experience implementing real-time API-based data integrations and enrichment pipelines across a wide variety of source formats
- Ability to work with business partners and technical contacts to understand and address their intelligence needs
- Experience designing and implementing PaaS and on-demand computing platform applications
- Experience with indicator sharing formats and platforms, including STIX, TAXII, and OpenIOC
- Understanding of malware samples, forensic artifacts, command and control session data, actor information, and attacker infrastructure maps
- Knowledge of the cyber threat landscape, including tracked actors, commonly used TTPs, and targets of past campaigns
- Experience developing network protocol parsers and processing full PCAP data
- Experience with malware classification via dynamic analysis and static signature matching, and with analysis to cluster malware samples into distinguishable families
- Familiarity with target-centric intelligence analysis with a focus on cyber threats
- Understanding of current threat detection tools and technologies
- Familiarity with forensics tools and techniques, including memory analysis, disk metadata analysis, and file carving
- Familiarity with intelligence link analysis tools used to model relationships between intelligence items, including Maltego, Analyst’s Notebook, and Palantir
Apple participates in the E-Verify program in certain locations as required by law. Apple is committed to working with and providing reasonable accommodation to applicants with physical and mental disabilities. Apple is a drug-free workplace.
Apple is an Equal Employment Opportunity Employer that is committed to inclusion and diversity. We also take affirmative action to offer employment and advancement opportunities to all applicants, including minorities, women, protected veterans, and individuals with disabilities.
Innovative product development, world class operations, Retail, Telephone Support
Company Type: Public Company
Company Size: 10,001+