Senior Application Security Engineer
2026-03-12T06:25:46+00:00
Absa Bank Limited
https://cdn.greatkenyanjobs.com/jsjobsdata/data/employer/comp_5295/logo/Absa%20Bank%20Limted.png
https://www.greatkenyanjobs.com/employers/company-detail/company-Absa-Bank-Limited-5295/nav-42
FULL_TIME
Nairobi
Nairobi
00100
Kenya
Banking
Computer & IT, Science & Engineering
2026-03-19T17:00:00+00:00
8
Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance.
Read more about this company
Senior Application Security Engineer
Job Type
Full Time
Qualification
BA/BSc/HND
Experience
5 years
Location
Nairobi
Job Field
ICT / Computer
Job Summary
Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.
The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutions
Job Description
Advanced Penetration Testing
Conduct manual and automated penetration testing across:
- Web applications
- API (REST, GraphQL, SOAP)
- Mobile applications (iOS & Android)
- Cloud-native workloads and containerized environment
- Infrastructure
Perform black-box and white box testing
Perform business logic testing
Validate and exploit findings to demonstrate real business risk
Conduct threat modeling and attack surface analysis
AI & Autonomous Pentesting
Design, operate and optimize AI-Driven autonomous pentesting platforms
Tune LLM-Based testing agents and attack orchestration workflows
Validate AI generated findings and reduce false positives
Reporting & Leadership
Produce executive level reporting and technical reports
Present findings to business, engineering and executive stakeholders
Provide remediation guidance with practical implementation advice
Mentor junior testers
Contribute to internal security standards and processes
Required Skillsets
Technical Skills
5+ years of penetration testing experience
Deep knowledge of:
- OWASP Top 10 (Web, API)
- Business Logic Exploitation
- Authentication and session management flows
- SSRF, RCE, injection flaws
Experience with AI assisted penetration testing tools
Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors
Experience with tools such as:
- Burp Suite (Advance Usage)
- Nmap
- Nessus
- Metasploit
- SAT/DAST tools
- Mobile testing tools (MobSF, Frida, Objection)
Certifications (Preferred)
- eJPT
- CEH
- OCSP
- AI security (Advantageous)
Soft Skills
Excellent problem solving and analytical skills‑solving and analytical skills
Ability to translate technical risk into business impact
Strong communication and collaboration abilities
Ability to work independently as well as contribute effectively within a team
Education
Bachelor`s Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)
- Conduct manual and automated penetration testing across:
- Web applications
- API (REST, GraphQL, SOAP)
- Mobile applications (iOS & Android)
- Cloud-native workloads and containerized environment
- Infrastructure
- Perform black-box and white box testing
- Perform business logic testing
- Validate and exploit findings to demonstrate real business risk
- Conduct threat modeling and attack surface analysis
- Design, operate and optimize AI-Driven autonomous pentesting platforms
- Tune LLM-Based testing agents and attack orchestration workflows
- Validate AI generated findings and reduce false positives
- Produce executive level reporting and technical reports
- Present findings to business, engineering and executive stakeholders
- Provide remediation guidance with practical implementation advice
- Mentor junior testers
- Contribute to internal security standards and processes
- OWASP Top 10 (Web, API)
- Business Logic Exploitation
- Authentication and session management flows
- SSRF, RCE, injection flaws
- AI assisted penetration testing tools
- LLM-based attacks, prompt injection risks, AI model abuse vectors
- Burp Suite (Advance Usage)
- Nmap
- Nessus
- Metasploit
- SAT/DAST tools
- Mobile testing tools (MobSF, Frida, Objection)
- Excellent problem solving and analytical skills
- Ability to translate technical risk into business impact
- Strong communication and collaboration abilities
- Ability to work independently as well as contribute effectively within a team
- eJPT
- CEH
- OCSP
- AI security (Advantageous)
JOB-69b25c6a2d691
Vacancy title:
Senior Application Security Engineer
[Type: FULL_TIME, Industry: Banking, Category: Computer & IT, Science & Engineering]
Jobs at:
Absa Bank Limited
Deadline of this Job:
Thursday, March 19 2026
Duty Station:
Nairobi | Nairobi
Summary
Date Posted: Thursday, March 12 2026, Base Salary: Not Disclosed
Similar Jobs in Kenya
Learn more about Absa Bank Limited
Absa Bank Limited jobs in Kenya
JOB DETAILS:
Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance.
Read more about this company
Senior Application Security Engineer
Job Type
Full Time
Qualification
BA/BSc/HND
Experience
5 years
Location
Nairobi
Job Field
ICT / Computer
Job Summary
Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.
The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutions
Job Description
Advanced Penetration Testing
Conduct manual and automated penetration testing across:
- Web applications
- API (REST, GraphQL, SOAP)
- Mobile applications (iOS & Android)
- Cloud-native workloads and containerized environment
- Infrastructure
Perform black-box and white box testing
Perform business logic testing
Validate and exploit findings to demonstrate real business risk
Conduct threat modeling and attack surface analysis
AI & Autonomous Pentesting
Design, operate and optimize AI-Driven autonomous pentesting platforms
Tune LLM-Based testing agents and attack orchestration workflows
Validate AI generated findings and reduce false positives
Reporting & Leadership
Produce executive level reporting and technical reports
Present findings to business, engineering and executive stakeholders
Provide remediation guidance with practical implementation advice
Mentor junior testers
Contribute to internal security standards and processes
Required Skillsets
Technical Skills
5+ years of penetration testing experience
Deep knowledge of:
- OWASP Top 10 (Web, API)
- Business Logic Exploitation
- Authentication and session management flows
- SSRF, RCE, injection flaws
Experience with AI assisted penetration testing tools
Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors
Experience with tools such as:
- Burp Suite (Advance Usage)
- Nmap
- Nessus
- Metasploit
- SAT/DAST tools
- Mobile testing tools (MobSF, Frida, Objection)
Certifications (Preferred)
- eJPT
- CEH
- OCSP
- AI security (Advantageous)
Soft Skills
Excellent problem solving and analytical skills‑solving and analytical skills
Ability to translate technical risk into business impact
Strong communication and collaboration abilities
Ability to work independently as well as contribute effectively within a team
Education
Bachelor`s Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)
Work Hours: 8
Experience in Months: 12
Level of Education: bachelor degree
Job application procedure
Application Link:Click Here to Apply Now
All Jobs | QUICK ALERT SUBSCRIPTION
