The Information Systems Agency of Armenia (ISAA) is supporting the creation of the Armenian e-society. In collaboration with the Government and the Central Bank of Armenia, our mission is to implement key standards for how public services and digital projects should be delivered. Our guiding standard is the “Digital Architecture of Armenia,” a Government-approved approach that places interoperability, security, and high-quality service delivery as its core pillars.
Our team consists of technology and policy-making specialists from various sectors. We work transparently, engaging both public and private sectors, to help Armenia realize its goal of becoming a truly electronic society.

You are an experienced incident response professional with strong technical depth and the ability to lead during high-pressure situations. You are comfortable taking ownership of complex cybersecurity incidents and guiding teams through the full response lifecycle, from detection to recovery and post-incident analysis.

You bring a structured, methodical approach to incident response and are committed to continuous improvement of processes, tools, and capabilities. You are able to collaborate effectively with technical teams, system owners, and leadership, and you value clear documentation, knowledge sharing, and mentoring. You are motivated to contribute directly to Armenia’s national cyber resilience and operational readiness.

• Lead and execute the full incident response lifecycle, including preparation, detection, analysis, containment, eradication, recovery, and post-incident review.
• Develop, maintain, test, and continuously improve national and sectoral Incident Response Plans (IRPs) and playbooks.
• Act as the senior technical lead during active incidents, coordinating incident responders, analysts, and system owners.
• Perform evidence collection and forensic triage in cooperation with system administrators and affected users.
• Maintain and enhance AM-CERT’s incident response and disaster recovery infrastructure.
• Develop and update standard operating procedures (SOPs), response guidelines, and technical runbooks.
• Create actionable response guidelines for common incident types, including ransomware, DDoS attacks, and data breaches.
• Conduct post-incident reviews and lessons-learned sessions, incorporating findings into updated procedures.
• Support national cyber exercises, simulations, and tabletop drills.
• Mentor junior incident responders and contribute to the development of AM-CERT’s technical capabilities.

• Minimum of 5 years of hands-on experience in incident response, SOC, CERT/CSIRT, or cyber defense roles.
• Experience working in national CERTs or critical infrastructure environments.
• Knowledge of hybrid threats and nation-state attack techniques.
• Relevant professional certifications (e.g., GCIA, GCIH, GCED, CISSP, or similar).
• Proven experience handling complex, high-impact cybersecurity incidents.
• Strong knowledge of incident response frameworks such as NIST 800-61 and ISO/IEC 27035.
• Experience with forensic evidence handling and chain-of-custody practices.
• Proficiency with SIEM, EDR, network monitoring, and forensic tools.
• Strong documentation, analysis, and reporting skills.
• Fluency in Armenian and English.

Please send your CV to hr@isaa.am, ensuring you mention the position name Senior Incident Responder – AM-CERT in the subject line of the email.