Senior Application Security Engineer at Absa Bank Limited
Absa View all jobs
- Kenya
- Permanent
- Full-time
The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutionsJob DescriptionAdvanced Penetration Testing
- Conduct manual and automated penetration testing across:
- Web applications
- API (REST, GraphQL, SOAP)
- Mobile applications (iOS & Android)
- Cloud-native workloads and containerized environment
- Infrastructure
- Perform black-box and white box testing
- Perform business logic testing
- Validate and exploit findings to demonstrate real business risk
- Conduct threat modeling and attack surface analysis
- Design, operate and optimize AI-Driven autonomous pentesting platforms
- Tune LLM-Based testing agents and attack orchestration workflows
- Validate AI generated findings and reduce false positives
- Produce executive level reporting and technical reports
- Present findings to business, engineering and executive stakeholders
- Provide remediation guidance with practical implementation advice
- Mentor junior testers
- Contribute to internal security standards and processes
- 5+ years of penetration testing experience
- Deep knowledge of:
- OWASP Top 10 (Web, API)
- Business Logic Exploitation
- Authentication and session management flows
- SSRF, RCE, injection flaws
- Experience with AI assisted penetration testing tools
- Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors
- Burp Suite (Advance Usage)
- Nmap
- Nessus
- Metasploit
- SAT/DAST tools
- Mobile testing tools (MobSF, Frida, Objection)
- eJPT
- CEH
- OCSP
- AI security (Advantageous)
- Excellent problem solving and analytical skills-solving and analytical skills
- Ability to translate technical risk into business impact
- Strong communication and collaboration abilities
- Ability to work independently as well as contribute effectively within a team
Jobs in Kenya