Folx, I just got a phone call and an email about this position - They are offering $220,000/year. Alas, I am woefully under qualified... But I thought someone here might be a good fit! This is the email, and all I know about the position (the contact info is at the bottom of the req): Job Title: Cyber Security Analyst/Engineer - Sr. Location: McLean, VA Duration: 6+ months Contract Job Description: Job Description: Cyber Security Operations Center Analyst Client is looking for talented Cyber Security Analysts with traditional network security and cloud infrastructure monitoring experience to join our Cyber Security Operations Center (CSOC) in McLean, VA. The Senior Associate level CSOC Analyst position will require a deep knowledge of network protocols and infrastructure, log investigation techniques, knowledge/understanding of cloud infrastructures, and incident handling experience. Not only will you need to know about the threats to networks, applications, cloud infrastructure, and theory regarding network protocols, but also the ability to proactively identify signs of misuse and abuse using various log sources. It is your responsibility to find the threat actors attempting to attack the Client's infrastructure, and route out and stop any malicious actors who make it past our defenses. You will not be staring at a SIEM hoping to find the actionable alert in a sea of noise; you will not simply be following a script and escalating alerts to a tier 3 team. You will be responsible for investigations from start to finish, and for initiating your own investigations to locate malicious activity. In addition to the technical skills, you will need to be a leader, someone who enjoys training and mentoring teammates, and a person who can encourage and elevate the team. Basic Qualifications: At least 2 years of experience conducting Cyber Security investigations into network, cloud, and application activity At least 2 years of experience using system, cloud, application, and network logs to identify the root cause of issues At least 2 years of experience interpreting, and identifying abuse in, routed and routing protocols, cloud, and application traffic At least 2 years of experience with PCAP analysis, including extracting files and content from PCAPs, identifying gzipped content, base64 detection, cloud based investigations, and cloud network traffic analysis Preferred Qualifications: Bachelor’s Degree in Information Technology, Cyber Security, Computer Science 3+ years of experience conducting Cyber Security investigations into network and application activity 2+ years of experience working in a Security Operations Center (SOC) 2+ years of experience working with SIEMs and evaluating SIEM alerts 2+ years of experience leveraging core security, cloud, and infrastructure technologies during investigations (e.g. firewall logs, network security tools, malware detonation devices, proxies, IPS/IDS) Security+ or C|EH certified SANS GIAC 503 or 504 Certifications AWS Security Certification Best Regards, Prashant M (973) 507-7584 Ext.7584 [email protected]