Cybersecurity

Junior SOC Analyst

March 04, 2026

About Us

The Information Systems Agency of Armenia is supporting the creation of the Armenian e-society. In leadership with the Government and the Central Bank of Armenia, our mission is to implement key standards for how public services and digital projects should be delivered. Our guiding standard is the “Digital Architecture of Armenia,” a Government-approved approach that places interoperability, security, and high-quality service delivery at its core. Our team consists of technology and policy-making specialists from various sectors, and we work transparently, engaging both the public and private sectors to help Armenia realize its goal of becoming a truly electronic society.

About You

This is an entry-level role for candidates who want to build practical security operations experience. You will work alongside SOC analysts and incident responders to detect and respond to threats affecting critical civilian information systems and services.

You will receive structured guidance, training, and feedback. As the SOC and AM-CERT capabilities grow, you may have opportunities to specialize (e.g., detection engineering, threat intelligence, DFIR).

Job Responsibilities

· Monitor and triage security alerts from SOC tooling (SIEM, EDR, IDS/IPS, network monitoring).

· Perform initial investigation and enrichment (log review, indicator checks, basic correlation) and escalate incidents according to playbooks.

· Document events and incidents clearly in the ticketing system, including timelines, evidence collected, and recommended next steps.

· Support SOC reporting (daily/weekly summaries, trend reporting, detection and response metrics).

· Assist with SOC use-case development and basic tuning (e.g., reduce false positives, improve alert context).

· Support research and operational tasks related to DDoS detection/mitigation and monitoring of public-facing services, as needed.

· Participate in training, simulations, tabletop exercises, and continuous improvement activities.

Qualifications

· Basic understanding of cybersecurity concepts (threats, vulnerabilities, incident response fundamentals).

· Foundational knowledge of networking (TCP/IP, DNS, HTTP/S) and common operating systems (Windows and/or Linux).

· Strong attention to detail and ability to follow procedures while thinking critically when something looks unusual.

· Clear communication skills and willingness to ask questions and learn quickly.

· Ability to work in a team and collaborate across departments.

· Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

Preferred experience

· Hands-on exposure to SIEM tools (Splunk, ELK/OpenSearch, Sentinel, or similar) or endpoint tooling (EDR).

· Basic scripting experience (Python or Bash) for automation or data handling.

· Familiarity with MITRE ATT&CK concepts and common attacker techniques.

· Interest in EU-aligned cybersecurity practices and standards.

Certifications we value

Certifications are an advantage. Examples include:

· CompTIA Security+

· Blue Team Level 1 (BTLO) or similar practical blue-team certifications

· CompTIA CySA+ (for progression) or vendor SIEM/EDR certifications

To Apply

Please send your CV to hr@isaa.am and mention the position name in the subject line of the email.