Hayk Mkrtchyan

• Conduct quarterly vulnerability scans, identify top vulnerabilities specific to the company, perform risk assessments, and report findings to senior management.
• Monitor internal legal acts of the company to identify any inconsistencies.
• Review logs to identify anomalies, unauthorized operations, and system failures.
• Perform OSINT (Open Source Intelligence) to gather information about the company from publicly available sources.
• Conduct awareness training, develop training materials, and assess employees' knowledge through testing.
• Assess risks and evaluate the effectiveness of the Information Security Management System (ISMS).
• Implement and manage access control measures.
• Review system settings to ensure compliance with established requirements.
• Document violations, perform root cause analysis, and recommend corrective measures.
• Scan Wi-Fi networks to detect and mitigate fake access points.

In addition to these core responsibilities, I have achieved significant milestones over the past two years. I actively participated in the internal audit process of the ISMS system, I was also involved in our successful ISO 27001:2022 certification, ensuring our processes met international standards for information security management.

I regularly participate in top management meetings, where I propose ideas that have led to the development of new security processes. I am also involved in several ongoing projects and tasks that continue to improve our security processes and prepare us for emerging challenges.