With over 100 years of rich history and strongly positioned as a local bank with regional and international expertise, a career with our family offers the opportunity to be part of this exciting growth journey, to reset our future and shape our destiny as a proudly African group.
Job Summary
To provide advice and support in practice formulation and associated best practice improvement tactics; enabling the provision of specialist information technology security expertise.Job Description
Role Purpose
Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.
The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutions
Key Responsibilities
Advanced Penetration Testing
Conduct manual and automated penetration testing across:
Web applications
API (REST, GraphQL, SOAP)
Mobile applications (iOS & Android)
Cloud-native workloads and containerized environment
Infrastructure
Perform black-box and white box testing
Perform business logic testing
Validate and exploit findings to demonstrate real business risk
Conduct threat modeling and attack surface analysis
AI & Autonomous Pentesting
Design, operate and optimize AI-Driven autonomous pentesting platforms
Tune LLM-Based testing agents and attack orchestration workflows
Validate AI generated findings and reduce false positives
Reporting & Leadership
Produce executive level reporting and technical reports
Present findings to business, engineering and executive stakeholders
Provide remediation guidance with practical implementation advice
Mentor junior testers
Contribute to internal security standards and processes
Required Skillsets
Technical Skills
5+ years of penetration testing experience
Deep knowledge of:
OWASP Top 10 (Web, API)
Business Logic Exploitation
Authentication and session management flows
SSRF, RCE, injection flaws
Experience with AI assisted penetration testing tools
Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors
Experience with tools such as:
Burp Suite (Advance Usage)
Nmap
Nessus
Metasploit
SAT/DAST tools
Mobile testing tools (MobSF, Frida, Objection)
Certifications (Preferred)
eJPT
CEH
OCSP
AI security (Advantageous)
Soft Skills
Excellent problem solving and analytical skills‑solving and analytical skills
Ability to translate technical risk into business impact
Strong communication and collaboration abilities
Ability to work independently as well as contribute effectively within a team
Education
Bachelor`s Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)Absa Bank Limited is an equal opportunity, affirmative action employer. In compliance with the Employment Equity Act 55 of 1998, preference will be given to suitable candidates from designated groups whose appointments will contribute towards achievement of equitable demographic representation of our workforce profile and add to the diversity of the Bank.
Absa Bank Limited reserves the right not to make an appointment to the post as advertised