DevOps Software Engineer Lead - Threat Intelligence, SEAR in London

As part of Apple’s Security Engineering & Architecture (SEAR) organization, you’ll join our mission to create the world’s most secure products. We are committed to building groundbreaking tools that empower our threat intelligence analysts to detect, investigate, and respond to emerging threats faster and with greater confidence. We are seeking a DevOps Software Engineer to take ownership of security research prototypes and scale them into reliable, production-grade services. By combining infrastructure and software development, you will directly contribute to our mission to create the world’s most secure products.

A strong candidate for this role is passionate about building reliable, secure, and scalable infrastructure that directly amplifies threat intelligence impact. You will work closely with threat intelligence analysts, located worldwide, to transform internal analysis tools — including intelligence triage tools, threat correlation platforms, indicator enrichment systems, and ML-powered data intelligence engines — into reliable and robust production services that keep pace with the dynamic environment at Apple. You will own the complete journey: from evaluating prototype readiness and hardening codebases for scale, through deployment, to ongoing reliable operation. On the development side, you will assess threat intelligence codebases and tooling for production readiness, extend and improve them for scale, and build the service APIs and integrations that make them reliable, robust, and performant. On the infrastructure side, you will design containerized deployments, establish CI/CD pipelines, implement secrets management and access controls, and build monitoring and observability practices that keep platforms performant and secure.

You will be directly responsible for DevOps support across our threat intelligence teams — gathering requirements, architecting solutions, leading rollouts, and communicating progress and impact to engineers, managers, and leaders across the organization. You will bring equal rigor to code quality, security posture, and operational excellence — balancing all three to maximize SEAR’s ability to proactively secure Apple products at scale.

• Experience designing and operating cloud and on-premises service infrastructure, with advanced knowledge of containerization, Kubernetes, data storage, networking, authentication/authorization (OIDC, OAuth), queuing, logging, and monitoring.
• Advanced knowledge in scripting and programming languages, including Python and Bash as well as familiarity with AI/ML workflows and agents.
• Experience with CI/CD pipelines and automation tooling (e.g., Jenkins, GitHub Actions, or equivalent), and observability stacks (e.g., Prometheus, Grafana, OpenSearch/ELK).
• Self-starter with strong ownership, accountability, and ability to work autonomously and collaboratively across teams and organizations in a fast-paced environment.

• Prior experience working with threat research or threat intelligence teams.
• Intellectually curious team player with a growth mindset and a genuine passion for finding, understanding, and mitigating cyber threats.
• Experience with and/or strong enthusiasm for security, especially offensive security and threat research.
• Prior experience working with large-scale data pipelines and storage systems.
• Remote work, with occasional travel.

At Apple, we are committed to treating all applicants fairly and equally. As a registered Disability Confident employer, we will work with applicants to make any reasonable accommodations. Apple will consider for employment all qualified applicants with criminal backgrounds in a manner consistent with applicable law. At Apple, we believe accessibility is a fundamental human right. You’ll find that idea reflected in everything here — in our culture, our benefits and our digital tools. By welcoming as many perspectives as possible, we help you build a career where you feel like you belong.