Job description

A Day in the Life: - Actively participate in 24x7 operations of the Long View Security Operations Centre for L2 support - Monitor, identify and validate security events generated from Security Information Event Management (SIEM) tools - Actively work in monitoring, event and incident management tools like Sentinel and Cortex - Respond to critical business impacting situations and coordinate the efforts required to engage the proper resources to remediate the issue - Coordinate major security incident situations and provide internal communications via email in a timely manor - Provide general support for Security Information Event Management (SIEM) tool changes, tweaks, additions and updates within Sentinel and any additional tools leveraged by Long View - Provide security guidance to team members across the organization how to best identify, contain and remediate security related incidents - Understand complex issues across on-premise, public and private cloud solutions and articulate the impact to higher tier team members - Follow and establish process documentation for receipt of security alerts for monitored devices, acknowledge the receipt of the event, opening and/or updating service desk tickets to track the handling of events to resolution and closure, assignment of the ticket to the appropriate owner - Work with cloud technologies like Azure, AWS and Google Cloud Platform - Fulfill reporting requests that can be pulled from Long View tools What You Bring: - 5+ years of professional experience in incident detection and response, malware analysis, or cyber forensics - Knowledge and experience monitoring Operations Technology and SIEM platforms such as: - o MS Sentinel - o Nozomi - o McAfee ePolicy Orchestrator - o RSA - o Defender for IoT - o Defender for Endpoint - o Defender for Cloud - o Defender for M365 - Knowledge and experience in Azure, Identity, SIEM platform administration and integration, network protocols, Firewall, IDS/IPS, windows, Linux. SOAR and Automation creation is highly desirable - Experience applying retrieval-augmented generation (RAG) AI and Agentic AI to business workflows desirable. - Extensive experience evaluating, interpreting, and integrating relevant data sources for the purpose of merging network attack analyses with counterintelligence and law enforcement investigations - Experience with various IT service management tools including performance monitoring and ITSM solutions - Experience working with incident, problem, change and service requests that follow ITIL framework standards - Experience provisioning new client services and working through customer onboarding tasks - Proven ability to troubleshoot and resolve technical and procedural issues - Strong verbal and written communication which will allow you to communicate effectively to customers in non-technical terms - Ability to react quickly and professionally with a sense of urgency What Makes You Extra Awesome - Intermediate level network and security certifications like the SC-200, AZ-500, SC-300, CISSP, OSCP Why Work At Long View? - Interesting work – Be part of exciting projects while accessing all the latest technologies - Career growth – Permanent staff positions, paid training, career life planning, and relocation and travel opportunities - RSP plan

Requirements