Security Engineer

Job Responsibilities

• Rapidly detect, analyze, and respond to security incidents across the organization's IT infrastructure (Incident Response).
• Perform deep analysis of security event logs and alerts to identify and evaluate threats (Threat Detection and Evaluation).
• Take immediate action to restore operations during service disruptions and technical failures.
• Investigate the root causes of security incidents and conduct thorough root cause analyses.
• Develop, update, implement, and automate playbooks and runbooks for security incidents.
• Conduct effective monitoring of security tools and systems, and analyze security events.
• Design and implement automation workflows using platforms such as n8n to streamline security operations and incident response processes.
• Provide recommendations for improving the security incident management process.
• Propose and implement new approaches for optimizing security monitoring.
• Promote knowledge sharing and experience exchange within the security team.
• Ensure the protection and confidentiality of sensitive information in accordance with legal and organizational requirements.
• Maintain the confidentiality and anonymity of all matters related to the Department's activities on a confidential basis in accordance with applicable legislation.
• Perform other duties assigned by management within the scope of responsibilities, in accordance with labor legislation and other relevant regulatory requirements

Requirements

• Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field.
• Minimum 3 years of experience in cybersecurity or a related field.
• Experience in log management, analysis, and security incident review.
• Hands-on experience with security technologies including Firewall, Proxy, SIEM, EDR/XDR, IDS/IPS, SOAR, DLP, and Mail Security solutions.
• Experience with Privileged Access Management (PAM) solutions.
• Experience with workflow automation platforms, particularly n8n, for automating security operations and response processes.
• Experience with webhooks for integrating security tools and automating event-driven workflows.
• Experience in playbook automation and developing automated incident response pipelines.
• Strong understanding of cyber attack vectors, threat techniques, and incident investigation methodologies.
• Experience developing and maintaining incident response playbooks and runbooks.
• Strong analytical, problem-solving, and root cause analysis skills.
• Good communication skills and ability to work effectively in a team environment.
• Proficiency in Azerbaijani and English languages (reading, writing, listening, and speaking).