SIEM Engineer – Microsoft Sentinel
Global Service Center- Costa Rica
Apply NowEmployment Type
Compensation Range
Job Profile Summary
Resumen de la Empresa
Sysco conecta al mundo para compartir alimentos y cuidar unos de otros. Sysco lidera desde el corazón de la comida y el servicio para ofrecer los alimentos más frescos e ideas innovadoras a restaurantes, centros de salud, instituciones educativas, establecimientos de hospedaje y otros clientes que preparan comidas fuera del hogar. Nuestros clientes pueden contar con nosotros para entregar productos y soluciones precisas, ya que solo Sysco es el líder global que se encuentra en el centro de la innovación en suministro, entrega, cocina y más.
Description
We areseekinga skilled and motivatedSIEM Engineerwith deepexpertiseinMicrosoft Sentinelto join our Security Operations team. This roleis responsible fordesigning, implementing, andmaintainingour SIEM infrastructure, enabling proactive threat detection, incident response, and compliance reporting. The ideal candidate will have hands-on experience with Sentinel, KQL (Kusto Query Language), and Azure-native security tools.
Key Responsibilities:
SIEM Engineering & Administration
- Design, deploy, andmaintainMicrosoft Sentinel SIEM infrastructure.
- Develop andoptimizedata connectors forlogingestion from cloud, on-prem, and hybrid sources.
- Manage and tune analytic rules, workbooks, playbooks, and automation workflows.
Threat Detection & Response Enablement
- Create and refine KQL queries for custom detection use cases.
- Collaborate with Threat Intelligence and SOC teams to operationalize threat indicators and behavioral analytics.
- Support incident investigation through log enrichment and correlation.
Monitoring & Performance
- Ensure high availability and performance of Sentinel components.
- Monitor ingestion costs andoptimizedata retention policies.
- Implement health checks andalerting forSIEM infrastructure.
Compliance & Reporting
- Assistin generating reports for regulatory and audit requirements.
- Maintain documentation for SIEM architecture, data flows, and detection logic.
Collaboration & Continuous Improvement
- Work closely withcloud, infrastructure, and application teams to onboard new log sources.
- Stay current with Microsoft Sentinel roadmap and security best practices.
- Participate in purple team exercises and detection gap analysis.
Qualifications:
- 3 years of experience in SIEM engineering or security operations.
- 2 years of hands-on experience withMicrosoft Sentinel.
- ProficiencyinKQL (Kusto Query Language).
- Strong understanding ofAzure Security Center, Defender for Cloud, Log Analytics, and related services.
- Experience withincident response,threat detection, andlog management.
- Familiarity withMITRE ATT&CK,NIST, or other security frameworks.
- Microsoft certifications (e.g., SC-200, AZ-500).
- Experience withAzure Logic Apps,Microsoft Defender XDR, orM365 security tools.
- Scripting experience (PowerShell, Python) for automation.
- Exposure to SOAR platforms and playbook development.
Benefits:
- Hybrid position with on-site presence required based on business needs.(Site: Ultra park II Lagunilla, Heredia)
- Private Medical Insurance
- Asociacion Solidarista
- Life Insurance
- Personal Day Off
Note: Only candidates with Costa Rican nationality or valid immigration status will be considered; applicants residing outside Costa Rica will not be considered, and relocation is not available
Overview
Affirmative Action Statement
Apply Now
