Senior Application Security Engineer

  • Full Time
  • Nairobi

Website Absa Bank Limited

Absa Bank Limited (Absa) is a wholly owned subsidiary of Barclays Africa Group Limited. Absa offers personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance. Barclays Africa Group Limited is 62.3% owned by Barclays Bank PLC and is listed on the JSE Limited. The Group is one of Africa’s major financial services providers offering personal and business banking, credit cards, corporate and investment banking, wealth and investment management as well as bancassurance. The Group was formed through combining Absa Group Limited and Barclays’ African operations on 31 July 2013. Reflecting the enlarged group’s pan-African focus, the Group's name changed from Absa Group Limited to Barclays Africa Group Limited on 2 August 2013. Registered head offices are in South Africa and the Group has majority stakes in banks in Botswana, Ghana, Kenya, Mauritius, Mozambique, Seychelles, South Africa, Tanzania (Barclays Bank Tanzania and National Bank of Commerce), Uganda and Zambia. The Group has representative offices in Namibia and Nigeria, as well as bancassurance operations in Botswana, Mozambique, South Africa and Zambia. Barclays Bank Kenya and Barclays Bank Botswana continue to be listed on their respective stock exchanges. Barclays Bank PLC has operations in Egypt and Zimbabwe, which are part of the African business and continue to be run by Barclays Africa Group’s management.

Job Summary

Senior Application Security Engineer with extensive penetration testing skills to lead advanced security assessments across web, mobile, APIs, cloud-native environments and AI-driven autonomous penetration testing platforms.
The ideal candidate combines deep technical expertise with architecture awareness and hands-on experience deploying and integrating security testing solutions.

Job Description

Advanced Penetration Testing

Conduct manual and automated penetration testing across:

Web applications
API (REST, GraphQL, SOAP)
Mobile applications (iOS & Android)
Cloud-native workloads and containerized environments
Infrastructure

Perform black-box and white-box testing
Perform business logic testing
Validate and exploit findings to demonstrate real business risk
Conduct threat modeling and attack surface analysis

AI & Autonomous Pentesting

Design, operate and optimize AI-driven autonomous pentesting platforms
Tune LLM-based testing agents and attack orchestration workflows
Validate AI-generated findings and reduce false positives

Reporting & Leadership

Produce executive-level reporting and technical reports
Present findings to business, engineering and executive stakeholders
Provide remediation guidance with practical implementation advice
Mentor junior testers
Contribute to internal security standards and processes

Required Skillsets

Technical Skills

5+ years of penetration testing experience
Deep knowledge of:

OWASP Top 10 (Web, API)
Business Logic Exploitation
Authentication and session management flows
SSRF, RCE, injection flaws

Experience with AI-assisted penetration testing tools
Understanding of LLM-based attacks, prompt injection risks, AI model abuse vectors

Experience with tools such as:

Burp Suite (Advanced Usage)
Nmap
Nessus
Metasploit
SAST/DAST tools
Mobile testing tools (MobSF, Frida, Objection)

Certifications (Preferred)

eJPT
CEH
OSCP
AI security (Advantageous)

Soft Skills

Excellent problem-solving and analytical skills
Ability to translate technical risk into business impact
Strong communication and collaboration abilities
Ability to work independently as well as contribute effectively within a team

Education

Bachelor's Degrees and Advanced Diplomas: Physical, Mathematical, Computer and Life Sciences (Required)

Apply Through:

absa.wd3.myworkdayjobs.com
