Incident Response Specialist

VG Recruiting Agency

Yerevan | Full time


Job Description

Freedom Broker Armenia is part of Freedom Holding Corp., an international financial group operating in more than 15 countries.

We provide a full range of brokerage services, investment solutions, and cutting-edge financial technologies.

If you are ready to grow and develop in a dynamic financial environment — join our team!

Job responsibilities

  • Develop, document, and update incident response plans (IRPs, playbooks) for different types of threats and scenarios.
  • Configure, test, and maintain detection and monitoring tools (SIEM, IDS/IPS, WAF, antivirus, etc.).
  • Develop procedures and policies for incident classification, escalation, and communication.
  • Continuously monitor security events: analyze logs, network traffic, and alerts from protection systems.
  • Identify, classify, and prioritize incidents based on threat level and potential business impact.
  • Immediately localize incidents: block affected systems or networks, isolate nodes, limit threat spread.
  • Remove malware, close vulnerabilities, restore patches, updates, and other protection measures.
  • Restore systems and services: data recovery, integrity verification, and system operability restoration.
  • Conduct digital forensics: analyze images and logs to identify the source and method of attack.
  • Maintain detailed documentation for each incident: event timeline, actions taken, resources, and involved personnel.
  • Adapt and improve procedures, tools, and playbooks based on lessons learned from past incidents.
  • Conduct proactive threat hunting, including working with indicators of compromise (IOCs) and threat intelligence.
  • Perform vulnerability assessments.


Required qualifications

  • Strong understanding of IT infrastructure architecture: operating systems (Windows, Linux, macOS), networks, cloud services, and virtualization environments.
  • Knowledge of network protocols, traffic analysis, and logging: ability to identify anomalies and compromise indicators.
  • Experience with SIEM, IDS/IPS, EDR, antivirus, and other security monitoring tools.
  • Skills in digital forensics and evidence analysis.
  • Knowledge of malware detection and analysis methods.
  • Proficiency in the incident response lifecycle and processes.
  • Experience developing and maintaining response plans, playbooks, procedures, and instructions.
  • Ability to assess incident impact: risk analysis, evaluation of consequences, data leakage scope, and business impact.
  • Excellent knowledge of Armenian and Russian, good knowledge of English.


Contact information

All interested candidates are encouraged to send CVs to Balukhina@ffin.am.


Please clearly mention that you heard about this job opportunity on the Telegram channel VG Recruiting Agency.
