CSIRT Analyst - Cyber Threat Intelligence

September 26, 2024

Are you looking for a job that will help empower Armenians to systematically improve their lives and wellbeing, provide opportunities for private enterprises to enhance competitiveness, ensure greater efficiency and good governance in public institutions, and enable the development and widespread use of personalized IT solutions built around the needs of everyday citizens? Then we have an exceptional opportunity for you!

A Computer Emergency Response Team (CERT) or Computer Security Incident Response Team (CSIRT) is a group of information security experts responsible for protecting against, detecting and responding to an organization’s cybersecurity incidents.

As a Cyber Threat Intelligence Analyst you will work with other CSIRT experts, each one predominantly focused on the specific security domain for which they are most competent, but all closely cooperating as a team, coordinated by the CSIRT Team Manager.

Responsibilities

  • Monitor threat information coming from: open and commercial sources, our peers and partners, our constituents, etc.
  • Analyse threat reports.
  • Maintain, operate and enhance threat intelligence infrastructure.
  • Track the activity of top threat actors and the evolution of tactics, techniques and procedures (TTPs).
  • Feed CERT’s cyber threat intelligence knowledge base.
  • Produce informative and actionable threat assessments: memos, alerts, cyber security briefs, threat landscape reports.
  • Conduct research on malicious infrastructure used by attackers.
  • Dark web monitoring.
  • Honeypot management.
  • Conduct cross-incident analysis and correlation.

Qualifications

  • Bachelor’s degree in Information Technology, Computer Science, Management Information Systems or a closely related field is required.
  • Knowledge of MITRE ATT&CK framework, Cyber Kill Chain, and similar frameworks.
  • Strong understanding of Cyber Threat Intelligence Lifecycle.
  • Using Cyber Threat Intelligence sharing platforms and understanding best practices.
  • Coding experience, particularly using Python, Go, PowerShell, Bash.
  • Knowledge of Windows, Linux and macOS operating systems.
  • Web security including understanding of the underlying protocols.
  • Understanding how debuggers, disassemblers and decompilers work.
  • Using malware detonation sandboxes.
  • Basics of digital forensics methodologies.
  • Use of incident management tools.
  • Knowledge of regional languages will be an advantage.
  • Ability to write technical reports.
  • Strong analytical and problem-solving skills, including the ability to deal with a large amount of information in a limited time.
  • Ability to establish and maintain effective working relations with coworkers in an international and multi-disciplinary work environment.
  • A high degree of commitment and flexibility.
  • Good communication skills in English, both orally and in writing.
  • A focus on constant learning and improvement of technical and personal skills.
  • Experience with a vast array of IT technologies and the ability to quickly master new ones.

To apply for the position, applicants must send their CV to hr@isaa.am.