استخدام مجموعه ازکی

مجموعه ازکی در تهران جهت تکمیل کادر خود از واجدین شرایط زیر دعوت به همکاری می نماید.

Senior Offensive Security Engineer
At Azki, We are looking for a skilled and creative Senior Offensive Security Engineer to lead offensive security operations, including penetration testing, red teaming, and adversary simulation. In this role, you will proactively identify security weaknesses across our systems and applications, helping the organization improve its overall security posture through real-world attack scenarios and deep technical insight.	Job Overview
Conduct advanced penetration testing of networks, applications, APIs, cloud environments, and internal systems Design and execute red team exercises to simulate realistic threat actors and assess detection and response capabilities. Identify and exploit security vulnerabilities, misconfigurations, and weaknesses in infrastructure and software. Develop custom scripts, tools, and exploits to support offensive operations. Collaborate with defensive teams (blue team) to share findings and improve detection and mitigation strategies. Perform post-exploitation activities to demonstrate impact and risk of vulnerabilities. Produce detailed technical reports, including risk assessment, attack paths, and remediation guidance. Stay up-to-date with emerging threats, TTPs, and offensive security techniques.	Responsibilities
5+ years of hands-on experience in offensive security, penetration testing, or red teaming. Deep knowledge of offensive security frameworks (e.g., MITRE ATT&CK, PTES, OWASP). Proficiency in penetration testing tools such as Burp Suite, Cobalt Strike, Metasploit, Nmap, and custom scripting. Strong understanding of network protocols, system internals (Linux/Windows), and common attack surfaces. Solid experience with post-exploitation techniques, lateral movement, and privilege escalation. Scripting and automation skills in Python, Bash, PowerShell, or Go. Ability to clearly communicate technical findings to both technical and non-technical audiences. Strong documentation and reporting skills.	Required Skills
Offensive security certifications such as OSCP, OSEP, CRTP, or CRTO. Experience with red vs. blue exercises and purple teaming environments. Familiarity with evasion techniques, obfuscation, and payload generation. Knowledge of Active Directory attacks, Kerberos exploitation, and cloud-specific attacks (e.g., IAM abuse in AWS). Contribution to open-source offensive security tools or participation in bug bounty programs. Understanding of secure development practices and ability to provide remediation advice to development teams.	Preferred/Optional Skills