Vacancy title:
Application Security Testing Specialist

[Type: FULL_TIME, Industry: Banking, Category: Computer & IT]

Jobs at:
Equity Bank

Deadline of this Job:
Saturday, June 28 2025

Duty Station:
Nairobi | Nairobi | Kenya

Summary
Date Posted: Saturday, June 14 2025, Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about Equity Bank
Equity Bank jobs in Kenya

JOB DETAILS:

• The role holder will be responsible for performing application, API, and overall vulnerability management for all Group applications. In addition, collaboration will be required with pre-deployment application testing team to ensure that issues are identified and remediated in a timely manner. 

Key responsibilities 

• Perform application vulnerability assessments including regular scanning and penetration testing activities in terms of post deployment security testing on Web based, APIs, Mobile, Cloud application, Robotics, IOT etc 
• Performing cyber vulnerability assessment across the Enterprise and maintain vulnerability tracker 
• Develop risk based vulnerability assessment plan 
• Conduct comprehensive post penetration test of web based application, mobile application, network infrastructure, databases, ICT servers to assess the effectiveness of the cybersecurity framework implemented 
• Maintaining proactive approach to cyber security risk and vulnerability assessment through market intelligence, continuous engagement with stakeholders to understand business dynamics 
• Assessing threats and vulnerabilities regarding information assets and recommend appropriate security controls 
• Identifying cyber threats, evaluating controls and make recommendations to improve internal controls and operational effectiveness and efficiency 
• Monitoring the banks compliance to InfoSec security policies, standards, guidelines and procedures 
• Engage stakeholders in the remediation of vulnerabilities identified by both internal and external parties 
• Ensure that application security is an embedded and critical part of the software delivery lifecycle (including during the early stages of projects) regardless of delivery methodology and tool sets used (e.g. static code analysis) 
• Train and educate developers and teams in secure coding techniques including use of supporting toolsets and enable them to self service 
• Perform application vulnerability assessments including regular scanning and penetration testing activities in terms of post deployment security testing on Web based, Mobile, Cloud application, Robotics, IOT etc 
• Perform secure code review across a variety of programming languages 
• Develop functional security testing scripts and procedures and identify opportunities to automate security testing and processes 
• Identify inherent vulnerabilities and information security risks within systems and applications 
• Proactively follow up on vulnerability remediation for all assessments performed.

Qualifications

Knowledge and Experience:

• Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or similar area of study 
• At least 2 years’ experience in vulnerability management and penetration testing (application and API testing).  
• Certifications such as CEH. Any other related certifications will be an added advantage 
• Cloud experience will be an added advantage.  
• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc. 
• Expertise with industry standard frameworks (ISO, NIST, PCI) 
• Excellent communication and presentation skills, both verbal and in writing and an ability to build a network and to collaborate with various teams.

Work Hours: 8

Experience in Months: 12

Level of Education: bachelor degree

Job application procedure

Interested and qualified? Click Here

All Jobs | QUICK ALERT SUBSCRIPTION