Software is often referred to as the “soul” of Apple’s products. In this position you will play a critical role in ensuring the security of the systems and infrastructure used to manage, build, and distribute, Apple’s software.
We are seeking a dedicated and skilled Detection and Response engineer to join our security team. In this pivotal role, you will be responsible for handling security incidents, from initial detection and mitigation to post-incident analysis. You will work closely with the corporate Threat Response team to triage and respond to potential security threats effectively. Additionally, you will play a crucial role in developing detections, security incident response strategies, and recovery runbooks. This role involves coordination with various teams, including project management (PM), to support the vulnerability management process and track risks and drive remediation within set timelines.
Candidates should have strong interpersonal and communication skills, be self starters that are comfortable with the unknown and have experience in the following areas:
Incident Handling and Mitigation:
• Lead the initial response to security incidents, ensuring quick and effective action to mitigate threats.
• Coordinate with corporate Threat Response and other relevant teams to manage the incident lifecycle efficiently.
Post-Incident Analysis:
• Conduct thorough post-incident analysis to understand the cause and impact of security incidents.
• Develop recommendations for preventing future incidents and improving security posture
Development of Detections and Runbooks:
• Develop and refine detection mechanisms for identifying security incidents.
• Create and update incident response and recovery runbooks, ensuring they are comprehensive and effective.
Vulnerability Management:
• Triage and track risks identified through various security processes.
• Collaborate with the PM team to drive the remediation of risks within accepted timelines.
Proven experience in incident response, security operations, or a similar role.Strong understanding of cybersecurity principles and incident handling procedures.Experience in developing security incident response strategies and runbooks.Ability to work effectively under pressure in a fast-paced environment.Excellent problem-solving skills and attention to detail.Strong communication and collaboration abilities.Experience with python, perl, golang, bash, kubernetes