Job Overview
At Azki, We are seeking a highly experienced and proactive Senior Defensive Security Engineer to join our cybersecurity team. In this role, you will be responsible for designing, implementing, and maintaining security defenses to protect our infrastructure, applications, and data from cyber threats. You will work closely with other security, infrastructure, and development teams to ensure a strong security posture across all systems and environments.
Responsibilities
- Design and implement security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and SIEM.
- Monitor and respond to security incidents, performing root cause analysis and driving remediation efforts.
- Develop and maintain detection and alerting rules, playbooks, and incident response processes.
- Collaborate with DevOps and IT teams to ensure secure configurations and hardening of systems, networks, and cloud environments.
- Conduct threat modeling, vulnerability assessments, and security audits on critical infrastructure.
- Continuously evaluate new security tools and technologies to enhance defensive capabilities.
- Lead red team vs. blue team exercises and contribute to security awareness initiatives across the organization.
- Document security policies, procedures, and incident reports.
Required Skills
- 5+ years of hands-on experience in defensive security, blue team operations, or related fields.
- Strong understanding of operating system security (Linux, Windows), network protocols, and secure architectures.
- Experience with SIEM platforms (e.g., Splunk, ELK, Sentinel), IDS/IPS, and endpoint security tools.
- Proven incident response and digital forensics skills.
- Familiarity with common attack techniques (MITRE ATT&CK, TTPs) and corresponding defenses.
- Scripting and automation skills in Python, Bash, or PowerShell.
- Excellent problem-solving, analytical thinking, and communication skills.
- Strong documentation and reporting abilities.
Preferred/Optional Skills
- Relevant certifications such as OSCP, GCIH, GCIA, or CISSP.
- Exposure to threat hunting, malware analysis, or reverse engineering.
- Familiarity with tools from the ProjectDiscovery or Open Source Security ecosystems.
- Knowledge of Zero Trust Architecture and modern identity and access management (IAM) principles.