The Information systems agency of Armenia is supporting the creation of the Armenian e-society. In leadership with the Government and the Central Bank of Armenia, our mission is to implement key standards for how public services and digital projects should be delivered. Our guiding standard is the “Digital Architecture of Armenia,” a Government-approved approach that places interoperability, security, and high-quality service delivery at its core. Our team consists of technology and policy-making specialists from various sectors, and we work transparently, engaging both the public and private sectors to help Armenia realize its goal of becoming a truly electronic society.

You will help translate cybersecurity strategy into practical policies, bylaws, and implementation guidance aligned with international standards. You will also support internal security governance at ISAA by improving policy coverage, coordinating control implementation with technical teams, and supporting evidence-based compliance maturity.

Depending on national priorities, this role may also support security governance for other critical national digital services (e.g., identity, interoperability, and other high-impact platforms) through risk assessments and implementation roadmaps.

·        Research international cybersecurity legislation, regulatory frameworks, and standards (e.g., ISO/IEC 27001, NIST CSF, EU-aligned practices) and translate findings into actionable recommendations for Armenia’s context.

·        Support drafting of cybersecurity bylaws, internal policies, standards, and implementation guidelines, including consultation support with stakeholders.

·        Coordinate implementation of governance controls within ISAA (policies, procedures, control evidence) in partnership with IT and engineering teams.

·        Develop practical compliance roadmaps and risk treatment plans for prioritized services and organizations, and track progress through measurable reporting.

·        Support compliance activities and audits by preparing evidence, tracking remediation, and improving internal documentation quality.

·        Develop and deliver awareness and training materials to strengthen a security and compliance culture.

·        Participate in cross-agency and cross-sector working groups and support coordination with regulators and external experts.

·        4+ years of experience in cybersecurity governance, risk, compliance (GRC), policy, or related roles.

·        Strong understanding of cybersecurity risk management and control frameworks (e.g., ISO/IEC 27001, NIST CSF, COBIT).

·        Ability to translate technical security requirements into clear policy text and practical implementation steps.

·        Experience producing professional written outputs: policy documents, briefing notes, reports, and implementation guidance.

·        Strong stakeholder management skills and the ability to facilitate collaboration across departments and organizations.

·        High integrity and ability to handle sensitive information responsibly.

·        Occasional travel to customer site is required.

Preferred experience

·        Experience supporting legislative drafting processes, regulatory consultations, or public sector cybersecurity programs.

·        Experience coordinating compliance audits and control implementation projects with technical teams.

·        Familiarity with privacy and data protection principles and how they relate to security controls.

·        Professional working proficiency in Armenian and English.

Certifications we value

Certifications are an advantage. Examples include:

·        CISM, CRISC, or CISA

·        ISO/IEC 27001 Lead Implementer and/or Lead Auditor

·        CIPM (privacy management) or other governance-focused credentials

Please send your CV to hr@isaa.am, ensuring you mention the position name in the subject line of the email.