SOC Tools Engg & Operations

The SOC Engineering and Operational Lead Engineer is responsible for the engineering and administration activities of SOC tools, such as SIEM, SOAR, and deception technology. Continuously focus on enabling Automations to Support SOC Tools Administrations & Security Incident Detections and response activities.

Job Description :

• Daily Operational management of SOC Tools. (Including SIEM, SOAR..etc Components Infra Maintenance).
• Log, Alert & Enrichment sources integrations with SOC Tools.
• Co-ordinate with different stakeholders to understand the Integration sources to ensure appropriate baseline created and maintained as per industry standards.
• Ensure appropriate correlation rules are in place against the log source types for threat / anomaly detections.
• Ensure proper Incident types, fields, playbooks are defined for Automations in SOAR.
• Continuous touch base with Incident Detection and Response team to fine tune the rules with adequate threshold based on their feedback.
• Evaluate New SOAR / SIEM / Log analytics / big data forensic technologies products to maintain our tools base per industry standard and Olam requirements. (including Open source)
• Interface with stakeholders in different parts of the globe to ensure systems are deployed to the appropriate configuration.
• Develop metrics dashboard to identify trends, anomalies, and opportunities for improvement.
• Ensure adequate change management and documents maintained for SIEM related Changes.
• Periodical review of SOC Tools Architecture, Log Baseline, Rules, Assets health, Automations, Playbooks..etc.
• Ensure high quality of Industry standards and brand consistency in all IT projects.
• Ensure to work with technology stakeholders to enable the deception decoys.

Profile Description :

Skills Required

Cybersecurity, Soc, Siem, SOAR, Splunk