SAP Security Engineering (Penetration Tester), IS&T Enterprise Systems jobs in United States

Apple · 1 day ago

SAP Security Engineering (Penetration Tester), IS&T Enterprise Systems

Apple is seeking a Security Researcher with an offensive security mindset to tackle emerging cyber threats within its critical ERP environment. The role involves conducting penetration testing, vulnerability research, and collaborating with engineering teams to enhance secure coding practices in Apple’s hybrid SAP landscape.

Apps, Artificial Intelligence (AI), Broadcasting, Digital Entertainment, Foundational AI, Media and Entertainment, Mobile Devices, Operating Systems, TV, Wearables
Comp. & Benefits
H1B Sponsor Likely

Responsibilities

Conduct advanced offensive security testing across Apple’s hybrid SAP landscape, including:
Manual penetration testing of custom ABAP & Java applications, SAP Fiori apps, web applications, APIs, and mobile interfaces
Vulnerability research and testing within SAP S/4HANA, ECC, BTP services, Ariba, Commerce Cloud, Signavio, LeanIX, and other integrated cloud-native systems
Security assessments of underlying infrastructure and cloud environments supporting SAP
Perform deep-dive source code reviews of sophisticated applications to identify security flaws and architectural weaknesses
Develop custom scripts, tools, and proof-of-concept exploits to augment penetration testing activities, automate vulnerability discovery, and demonstrate impact
Proactively identify and research emerging threats and attack vectors relevant to enterprise systems and the SAP ecosystem
Document findings in high-quality, actionable reports and presentations, clearly communicating technical vulnerabilities, their business impact, and recommended remediations to engineering teams across the organization
Collaborate closely with engineering and development teams to provide security advice, improve secure coding practices, and integrate security early into the development lifecycle (shift-left)
Assemble and analyze threat & vulnerability data to highlight issues and trends, and author enhanced development standards and security requirements
Contribute to the team’s security knowledge base, sharing expertise, developing technical documentation, and shaping testing methodologies
Continuously learn and develop expertise in offensive security techniques and the intricacies of the SAP ecosystem

Qualification

Offensive security, Penetration testing, Vulnerability research, SAP S/4HANA, ABAP, Web application security, API security, Cloud security, Python, Java, JavaScript, Go, PowerShell, Bash, Ruby, Analytical skills, Critical thinking, Communication skills, Problem-solving

Required

0-2 years of experience in offensive security, penetration testing, vulnerability research, or a related field
0-2 years of experience in web application security, API security, system and infrastructure security, and common attack techniques
0-2 years of experience in reading, understanding, and finding vulnerabilities in sophisticated codebases (e.g., ABAP, Java, JavaScript, Go)
0-2 years of experience in at least one scripting or programming language (e.g., Python, PowerShell, Bash, Go, Ruby, JavaScript (Node.js)) for security automation and tool development
Bachelor's degree or equivalent in Computer Science, Cybersecurity, Information Systems, or a related technical field

Preferred

Relevant offensive security certifications (e.g., OSCP, OSWE, OSWP, eJPT) are highly regarded
Experience with CTFs, hacking labs, bug bounty programs, or public security research/CVEs
Knowledge of cloud architecture and security principles (e.g., AWS, Azure, GCP, SAP BTP)
Familiarity with modern cybersecurity concepts including AI/ML applications in security, cryptography, and prompt engineering for security tasks
Experience with data visualization and communication tools (e.g., Keynote, draw.io, Miro, Adobe Illustrator) to heighten the storytelling impact of your discoveries
Proficiency in macOS and other Unix-based systems
A degree combining technology and humanities (e.g., Computer Science with a minor in Ethics or Philosophy) is a plus
Internships, research projects, open-source contributions, CTF participation, or bug bounty success are highly valued
A profound passion for information security, particularly in penetration testing and vulnerability discovery
An insatiable curiosity for how complex enterprise systems work, with a mandatory desire to learn and understand the SAP ecosystem. (No prior SAP expertise required, but a strong aptitude and willingness to dive deep into this domain is essential)
Experience with or a strong interest in learning ABAP is a significant plus
Strong analytical, problem-solving, and critical thinking skills, with the ability to analyze complex challenges and produce creative solutions
Excellent written and verbal communication skills, with the ability to effectively communicate complex technical concepts and their business impact to diverse audiences
Ability to learn new skills, concepts, and technologies rapidly, and to grasp large, sophisticated systems while context-switching as needed
A strong understanding of fundamental computing, database, networking, and security concepts
An appreciation for the ethical and societal implications of technology and a commitment to responsible innovation

Company

Apple is a technology company that designs, manufactures, and markets consumer electronics, personal computers, and software.

H1B Sponsorship

Apple has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (6998)
2024 (3766)
2023 (3939)
2022 (4822)
2021 (4060)
2020 (3656)

Funding

Current Stage
Public Company
Total Funding
$5.67B
Key Investors
Berkshire Hathaway, Microsoft, Sequoia Capital
2025-05-05: Post-IPO Debt · $4.5B
2025-01-16: Post-IPO Debt · $0.31M
2021-04-30: Post-IPO Equity

Leadership Team

Tim Cook, CEO
Craig Federighi, SVP, Software Engineering
Company data provided by Crunchbase