Senior Application Security Engineer

Empowering Africa’s tomorrow, together…one story at a time.

With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.

To provide advice and support in practice formulation and associated best practice improvement tactics; enabling the provision of specialist information technology security expertise.

Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.

The ideal candidate combines deep technical expertise with architecture awareness and hands‑on experience deploying and integrating security testing solutions

• Conduct manual and automated penetration testing across:

  • Web applications

  • API (REST, Graph
    
    QL, SOAP)

  • Mobile applications (iOS & Android)

  • Cloud-native workloads and containerised environment

  • Infrastructure

• Perform black-box and white-box testing

• Perform business logic testing

• Validate and exploit findings to demonstrate real business risk

• Conduct threat modelling and attack surface analysis

• Design, operate and optimise AI‑driven autonomous pentesting platforms

• Tune LLM‑Based testing agents and attack orchestration workflows

• Validate AI‑generated findings and reduce false positives

• Produce executive‑level reporting and technical reports

• Present findings to business, engineering and executive stakeholders

• Provide remediation guidance with practical implementation advice

• Mentor junior testers

• Contribute to internal security standards and processes

• 5+ years of penetration testing experience

• Deep knowledge of:

  • OWASP Top 10 (Web, API)

  • Business Logic Exploitation

  • Authentication and session management flows

  • SSRF, RCE, injection flaws

• Experience with AI assisted penetration testing tools

• Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors

• Burp Suite (Advance Usage)

• Nmap

• Nessus

• Metasploit

• SAT/DAST tools

• Mobile testing tools (MobSF, Frida, Objection)

• eJPT

• CEH

• OCSP

• AI security (Advantageous)

• Excellent problem solving and analytical skills

• Ability to translate technical risk into business impact

• Strong communication and collaboration abilities

• Ability to work independently as well as contribute effectively within a team

Bachelor’s Degrees and Advanced Diplomas:
Physical, Mathematical, Computer and Life Sciences (Required)

Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.

Absa Bank Limited reserves the right not to make an appointment to the post as advertised