Empowering Africa’s tomorrow, together…one story at a time.
With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.
My Career Development Portal:
Wherever you are in your career, we are here for you. Design your future. Discover leading-edge guidance, tools and support to unlock your potential. You are Absa. You are possibility.
Job Summary
Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.
The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutions
Job Description
Advanced Penetration Testing
- Conduct manual and automated penetration testing across:
- Web applications
- API (REST, GraphQL, SOAP)
- Mobile applications (iOS & Android)
- Cloud-native workloads and containerized environment
- Infrastructure
- Perform black-box and white box testing
- Perform business logic testing
- Validate and exploit findings to demonstrate real business risk
- Conduct threat modeling and attack surface analysis
AI & Autonomous Pentesting
- Design, operate and optimize AI-Driven autonomous pentesting platforms
- Tune LLM-Based testing agents and attack orchestration workflows
- Validate AI generated findings and reduce false positives
Reporting & Leadership
- Produce executive level reporting and technical reports
- Present findings to business, engineering and executive stakeholders
- Provide remediation guidance with practical implementation advice
- Mentor junior testers
- Contribute to internal security standards and processes
Required Skillsets
Technical Skills
- 5+ years of penetration testing experience
- Deep knowledge of:
- OWASP Top 10 (Web, API)
- Business Logic Exploitation
- Authentication and session management flows
- SSRF, RCE, injection flaws
- Experience with AI assisted penetration testing tools
- Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors
Experience with tools such as:
- Burp Suite (Advance Usage)
- Nmap
- Nessus
- Metasploit
- SAT/DAST tools
- Mobile testing tools (MobSF, Frida, Objection)
Certifications (Preferred)
- eJPT
- CEH
- OCSP
- AI security (Advantageous)
Soft Skills
- Excellent problem solving and analytical skills‑solving and analytical skills
- Ability to translate technical risk into business impact
- Strong communication and collaboration abilities
- Ability to work independently as well as contribute effectively within a team
Education
Bachelor`s Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)