Cybersecurity Incident Responder

Job Address: Yerevan, Armenia
Application Deadline
Responsibilities
- Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise
- Coordinate and provide expert technical support to cyber defense technicians to resolve cyber defense incidents
- Coordinate incident response functions
- Monitor external data sources to maintain currency of cyber defense threat conditions, and determine which security issues may have an impact on the enterprise
- Perform cyber defense trend analysis and reporting
- Perform initial, forensically sound collection of images and inspect them to discern possible mitigation/remediation on enterprise systems
- Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts
- Thoroughly examine and define all security flaws and holes in an organization's computer systems and networks
- Define a course of action to take if a security problem does exist
- Define protocols for communication with the organization and with law enforcement should a security incident occur
- Write and publish after-action reviews
- Write and publish cyber defense techniques, guidance, and reports on incident findings to appropriate constituencies
Required Qualifications
- Bachelor's degree in Information Technology, Computer Science, Management, Information Systems or a closely related field is required
- Knowledge of business continuity and disaster recovery continuity of operations plans
- Skills in preserving evidence integrity according to standard operating procedures or standards
- Knowledge of intrusion detection methodologies and techniques for detecting host- and network-based intrusions
- Knowledge of cyber defense and information security policies, procedures, and regulations
- Knowledge of incident categories, incident responses, and timelines for responses
- Knowledge of incident response and handling methodologies
- Skills in performing damage assessments
- Knowledge of network security architecture concepts including topology, protocols, components, and principles
- Skills in using security event correlation tools
- Knowledge of network protocols such as TCP/IP, DHCP, DNS and directory services
- Knowledge of system administration, network, and operating system hardening techniques
- Knowledge of different classes of attacks
- Knowledge of cyber-attack stages
- Knowledge of malware analysis concepts and methodologies
- Skills in identifying, capturing, containing, and reporting malware
- Knowledge of system and application security threats and vulnerabilities
- Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities
- Skills in recognizing and categorizing types of vulnerabilities and associated attacks
Application Procedures
You can send your CV to the email
Please mention in your application that you have learned about this position from