Apply now »

Senior Manager - SOC Threat Intel & Hunting Specialist

Date:  04-May-2022
Country:  India
Function:  Information Security


About Us

Olam International is a leading food and agri-business supplying food, ingredients, feed and fibre to over 19,800 customers worldwide. Our value chain spans over 60 countries and includes farming, processing and distribution operations, as well as a sourcing network of 4.8 million farmers. Through our purpose to 'Re-imagine Global Agriculture and Food Systems', Olam aims to address the many challenges involved in meeting the needs of a growing global population, while achieving positive impact for farming communities, our planet and all our stakeholders. Headquartered and listed in Singapore, Olam currently ranks among the top 30 largest primary listed companies in terms of market capitalisation on SGX-ST.

Olam Information Services (OISL) is a captive subsidiary of Olam International, Singapore offering IT Services & Global Business Services across its operations in 65 countries in Asia, Africa, EU & Americas. In Chennai, we currently have onboard more than 1000 highly motivated employees. Olam Digital has received International Innovation Award 2019 for Best Services and Solutions.

Olam Global Business Services (OGBS) is a captive unit that offers End to End business process and analytics solutions. OGBS currently offers its solutions in 6 Platforms: Finance, Supply Chain, People services, Risk & Market Compliance, Big Data Analytics and Business Intelligence. At this moment, OGBS is located in City of Chennai, India and provides its services to over 20 countries. Olam GBS has received Best Shared Services in India Award – 2019, by Shared Services Forum and Asia’s No.1 Shared Services in Process Improvement and Value Creation, 2019 by Shared Services and Outsourcing Network Forum.

Job Summary

Cyber Threat Intelligence (CTI) is used to get constant information updates from outside source about a given organization. The services consists of two main parts: information for security teams and IOC (Indicator of Compromise) mostly used to automatic data enrichment for internal monitoring with SIEM systems, IPS (Intrusion Prevention System) or IDS/NIDS/HIDS (Intrusion Detection System, Network, Host). Simplest example of such enrichment might be acquiring IP addresses information from the honeypot network used by attackers or detecting changes of open ports in the company infrastructure.

Job Description

  • Actively monitor and research about recent threats – Threat actors/TTP’s, review the relevancy to our organization and deploy the IOC’s/IOA’s/SIEM Use Cases
  • Periodic testing to ensure the effectiveness & Gap in SOC detection controls by active and passive mode of testing. (SIEM Rules, Threat Indicators. Etc)
  • Regular & Periodic Threat hunting exercise execution for hunting based on the Security Monitoring gap assessments
  • Weekly Threat Intelligence & Hunting metrics submission to assure that our network and endpoints are adequately monitored
  • Supporting SIEM Support team to ensure the adequate log sources integrations
  • Assist with defining and updating Threat intelligence and hunting procedures, playbooks, to ensure tasks align with best practices and automations
  • Identify and propose areas for improvement within the Security Operations Centre
  • Responsible for driving execution of daily, weekly, and monthly metrics for Threat Intelligence & Hunting to assure that our network and endpoints are adequately monitored
  • Coordinate with global stakeholders to understand about the Infra and application, business process to get through understanding to ensure the Threat hunting and SOC Monitoring coverage.

Profile Description

  • Graduate/Post-graduate in Computer Science or relevant qualification with minimum of 12+ years of specific Information Security experience
  • In-depth knowledge of cyber defensive and offensive techniques, malware families and adversary tactics, techniques and procedures
  • Demonstrated experience with endpoints telemetry, Malware Analysis tools, Exploit kits and SIEM platforms.
  • Log (network, security, access, OS, application, etc. ) forensic skills and experience in identifying, hunting and investigating security Threats.
  • Skills in reviewing, contextualize and action on Cyber threat Intelligence
  • Strong knowledge of Operating System (Linux, Windows. Etc) and Network internals
  • Should have Scripting knowledge (PowerShell, Python,Vbscript..etc)
  • Have sound analytical and problem solving skills
  • Preferable be a GIAC, CISSP, OSCP,OSCE certified Professional
  • Experience in product suites like Mcafee, Fireye, Crowd Strike, any SOAR products, Threat intel platforms etc
  • Strong knowledge in security engineering practises, web/Application security, Cloud Security.

Olam is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, nationality, disability, protected veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law.

Applicants are requested to complete all required steps in the application process including providing a resume/CV in order to be considered for open roles.

Apply now »