Show more filters
Banner image for Absa Group

Senior Application Security Engineer (KE)

Absa Group

3.0
6 reviews
Absa Group
Job Type   /   Job Level
Full-time   /   Others/Any
Company Location
Kenya
Empowering Africa’s tomorrow, together…one story at a time.

With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

My Career Development Portal: Wherever you are in your career, we are here for you. Design your future. Discover leading-edge guidance, tools and support to unlock your potential. You are Absa. You are possibility.

Job Summary

Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.

The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutions

Job Description

Advanced Penetration Testing

  • Conduct manual and automated penetration testing across:
    • Web applications
    • API (REST, GraphQL, SOAP)
    • Mobile applications (iOS & Android)
    • Cloud-native workloads and containerized environment
    • Infrastructure
  • Perform black-box and white box testing
  • Perform business logic testing
  • Validate and exploit findings to demonstrate real business risk
  • Conduct threat modeling and attack surface analysis

AI & Autonomous Pentesting

  • Design, operate and optimize AI-Driven autonomous pentesting platforms
  • Tune LLM-Based testing agents and attack orchestration workflows
  • Validate AI generated findings and reduce false positives

Reporting & Leadership

  • Produce executive level reporting and technical reports
  • Present findings to business, engineering and executive stakeholders
  • Provide remediation guidance with practical implementation advice
  • Mentor junior testers
  • Contribute to internal security standards and processes

Required Skillsets

Technical Skills

  • 5+ years of penetration testing experience
  • Deep knowledge of:
    • OWASP Top 10 (Web, API)
    • Business Logic Exploitation
    • Authentication and session management flows
    • SSRF, RCE, injection flaws
  • Experience with AI assisted penetration testing tools
  • Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors

Experience with tools such as:

  • Burp Suite (Advance Usage)
  • Nmap
  • Nessus
  • Metasploit
  • SAT/DAST tools
  • Mobile testing tools (MobSF, Frida, Objection)

Certifications (Preferred)

  • eJPT
  • CEH
  • OCSP
  • AI security (Advantageous)

Soft Skills

  • Excellent problem solving and analytical skills‑solving and analytical skills
  • Ability to translate technical risk into business impact
  • Strong communication and collaboration abilities
  • Ability to work independently as well as contribute effectively within a team

Education

Bachelor`s Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)
Jobs in Kenya   »   Jobs in Nairobi County, Kenya   »   Senior Application Security Engineer (KE)

More jobs