Job Summary:
The SOC Engineering and Operational Lead Engineer is responsible for the engineering and administration of SOC tools such as the SIEM, SOAR and deception technology, with a continuous focus on building automation to support SOC tool administration and security incident detection and response.
Job Description:
- Daily operational management of SOC tools, including infrastructure maintenance of the SIEM, SOAR and related components.
- Integration of log, alert and enrichment sources with the SOC tools.
- Coordinate with stakeholders to understand each integration source and ensure an appropriate logging baseline is created and maintained in line with industry standards.
- Ensure appropriate correlation rules are in place for each log source type to detect threats and anomalies.
- Ensure incident types, fields and playbooks are properly defined to support automation in SOAR.
- Work continuously with the Incident Detection and Response team to tune rules and thresholds based on their feedback.
- Evaluate new SOAR, SIEM, log analytics and big-data forensic products (including open source) to keep the tool set current with industry standards and Olam requirements.
- Interface with stakeholders across the globe to ensure systems are deployed with the appropriate configuration.
- Develop metrics dashboards to identify trends, anomalies and opportunities for improvement.
- Ensure adequate change management and documentation for SIEM-related changes.
- Periodically review the SOC tool architecture, log baseline, rules, asset health, automations and playbooks.
- Ensure industry-standard quality and brand consistency in all IT projects.
- Work with technology stakeholders to deploy deception decoys.
Profile Description:
- Must have 4+ years of experience in Splunk (on-premises and Cloud) SIEM engineering and administration.
- Hands-on experience implementing, configuring and managing SIEM and SOAR technologies (Splunk, ELK, QRadar, Securonix, Demisto/Cortex XSOAR, Google SecOps or ServiceNow SecOps preferred).
- Hands-on experience creating custom correlation rules, alerts, searches and data analytics in Splunk or a similar log analytics tool.
- Hands-on experience creating custom playbooks and automation scripts in SOAR.
- Must have strong working knowledge of Linux environments.
- Strong, broad infrastructure and technology background, including a demonstrable understanding of security operations in critical environments.
- Sound analytical and problem-solving skills.
- Some experience with cloud infrastructure such as Microsoft Azure, AWS and GCP.
- Splunk or similar log analytics certification preferred.
- Must have strong scripting and programming skills (Python, PowerShell, VBScript, C/C++, .NET, etc.).
About Company:
A client of ilink Talent Solutions is a Singapore-headquartered technology and business services company with over 3,200 employees across Asia, the US, the UK, the Middle East and Australia, supported by major innovation hubs in Chennai and Bengaluru. They deliver cloud, AI, data analytics, cybersecurity, automation and digital transformation solutions. Recognised with awards including SAP Outstanding Innovation Partner (SEA 2024) and Great Place to Work®, they are rapidly expanding their global client base beyond their founding parent group.