Overview

Responsibilities:
  • Develop and implement an Information Security Management System (ISMS) for the Information Systems Agency of Armenia
  • Design and execute risk-avoidance and risk-mitigation strategies to strengthen cybersecurity resilience
  • Identify and assess emerging risks, including regulatory changes affecting public and private sector projects, and develop policies and tools for proactive risk management
  • Evaluate compliance risks for critical infrastructure operators through systematic identification, analysis, and assessment
  • Establish standardized risk management and communication frameworks to improve reporting and decision-making
  • Analyze security reports to identify vulnerabilities and recommend effective risk remediation strategies
  • Provide strategic guidance to public and private organizations on implementing cybersecurity requirements
  • Facilitate cross-sector information sharing on policy developments, technical challenges, and best practices
Required Qualifications:
  • Bachelor’s Degree in Computer Science, Information Security, or a related field
  • 5+ years of prior information security systems or IT risk management experience
  • Expert knowledge of information security management systems and procedures
  • Knowledge of frameworks necessary to standardize processes and support risk management
  • Strong technical background with the ability to develop IT security concepts and evaluate them
  • Knowledge of IT supply chain risk management policies, requirements, and procedures
  • Knowledge of network security architecture concepts, including topology, protocols, components, and principles (e.g., application of defense-in-depth)
  • Knowledge of network traffic flow (e.g., TCP/IP, OSI model, ITIL)
  • Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, SQL injections, etc.)
  • Ability to interpret application vulnerability assessments and security system vulnerabilities using tools (e.g., fuzzing, nmap, etc.)
  • Knowledge of penetration testing principles and tools, and the ability to apply this knowledge
  • Knowledge of applicable policies, regulations, and compliance documents specific to cyber defense auditing
  • Strong analytical and problem-solving skills
  • Excellent communication skills
  • Professional qualifications in Information Security and Risk, e.g., CISSP, ISO27001 Lead Auditor/Implementor, or CRISC
Note:

✨ Our intelligent job search engine discovered this job and republished it for your convenience.
Please be aware that the job information may be incorrect or incomplete. The job announcement remains the property of its original publisher. To view the original job and its full details, please visit the job's URL on the owner’s page.

Please clearly mention that you have heard of this job opportunity on https://ijob.am.