Overview

Responsibilities:
  • Perform incident triage: validate alerts, determine severity and impact, scope affected assets, and recommend immediate containment actions
  • Investigate incidents across endpoint, network, cloud, and application environments using logs, telemetry, and forensic artifacts
  • Coordinate containment, eradication, and recovery activities with system owners, service providers, and other stakeholders, including on-site support when required
  • Collect, preserve, and document evidence using forensically sound methods and maintain the chain of custody where applicable
  • Produce high-quality incident reports, after-action reviews, and actionable recommendations for remediation and long-term risk reduction
  • Develop, maintain, and test incident response playbooks, SOPs, and technical runbooks for common incident types (e.g., ransomware, DDoS, data breaches)
  • Support proactive activities such as threat hunting, vulnerability and malware analysis, and publication of guidance or advisories when appropriate
  • Participate in national cyber exercises, tabletop simulations, and training activities; contribute to mentoring and knowledge sharing within the team

Required Qualifications:
  • 3+ years of hands-on experience in incident response, SOC operations, DFIR, or cyber roles
  • Strong understanding of incident response methodologies and practical experience across the incident lifecycle (detection, analysis, containment, eradication, recovery, and lessons learned)
  • Solid knowledge of networking and operating systems (Windows and Linux) and the ability to analyze logs and network traffic
  • Experience using security tooling such as SIEM, EDR, network monitoring, and forensic utilities
  • Strong documentation and reporting skills; ability to communicate clearly during high-pressure situations
  • High integrity, discretion, and ability to handle sensitive information responsibly