Cybersecurity Incident Responder
Company: UNICOMP CJSC
Category: IT
Job Address: Yerevan, Armenia
Application Deadline: 13/10/2023
Responsibilities
- Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
- Coordinate and provide expert technical support to cyber defense technicians to resolve cyber defense incidents
- Coordinate incident response functions
- Monitor external data sources to maintain currency of cyber defense threat conditions, and determine which security issues may have an impact on the enterprise
- Perform cyber defense trend analysis and reporting
- Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
- Thoroughly examine and define all security flaws and holes in an organization’s computer systems and networks
- Define a course of action to take if a security problem does exist
- Define protocols for communication with the organization and with law enforcement should a security incident occur
- Write and publish after-action reviews
- Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies
Required Qualifications
- Bachelor’s degree in Information Technology, Computer Science, Management, Information Systems or closely related field is required
- Knowledge of business continuity and disaster recovery continuity of operations plans
- Skills in preserving evidence integrity according to standard operating procedures or standards
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions
- Knowledge of cyber defense and information security policies, procedures, and regulations
- Knowledge of incident categories, incident responses, and timelines for responses
- Knowledge of incident response and handling methodologies
- Skills in performing damage assessments
- Knowledge of network security architecture concepts including topology, protocols, components, and principles
- Skills in using security event correlation tools
- Knowledge of network protocols such as TCP/IP, DHCP, DNS and directory services
- Knowledge of system administration, network, and operating system hardening techniques
- Knowledge of different classes of attacks
- Knowledge of cyber-attack stages
- Knowledge of malware analysis concepts and methodologies
- Skills in identifying, capturing, containing, and reporting malware
- Knowledge of system and application security threats and vulnerabilities
- Knowledge of what constitutes a network attack and a network attack’s relationship to both threats and vulnerabilities
- Skills in recognizing and categorizing types of vulnerabilities and associated attacks
Application Procedures
You can send your CV to irina.margaryan@unicomp.am.
Please mention in your application that you have learned about this position from MyJob.am