SIEM Engineer – Microsoft Sentinel

Global Service Center- Costa Rica

Aplicar ahora

Resumen de la Empresa

Sysco conecta al mundo para compartir alimentos y cuidar unos de otros. Sysco lidera desde el corazón de la comida y el servicio para ofrecer los alimentos más frescos e ideas innovadoras a restaurantes, centros de salud, instituciones educativas, establecimientos de hospedaje y otros clientes que preparan comidas fuera del hogar. Nuestros clientes pueden contar con nosotros para entregar productos y soluciones precisas, ya que solo Sysco es el líder global que se encuentra en el centro de la innovación en suministro, entrega, cocina y más.

Acerca del role:

We are seeking a skilled and motivated SIEM Engineer with deep expertise in Microsoft Sentinel to join our Security Operations team. This role is responsible for designing, implementing, and maintaining our SIEM infrastructure, enabling proactive threat detection, incident response, and compliance reporting. The ideal candidate will have hands-on experience with Sentinel, KQL (Kusto Query Language), and Azure-native security tools.

Responsibilities:

SIEM Engineering & Administration

Design, deploy, and maintain Microsoft Sentinel SIEM infrastructure.
Develop and optimize data connectors for log ingestion from cloud, on-prem, and hybrid sources.
Manage and tune analytic rules, workbooks, playbooks, and automation workflows.

Threat Detection & Response Enablement

Create and refine KQL queries for custom detection use cases.
Collaborate with Threat Intelligence and SOC teams to operationalize threat indicators and behavioral analytics.
Support incident investigation through log enrichment and correlation.

Monitoring & Performance

Ensure high availability and performance of Sentinel components.
Monitor ingestion costs and optimize data retention policies.
Implement health checks and alerting for SIEM infrastructure.

Compliance & Reporting

Assist in generating reports for regulatory and audit requirements.
Maintain documentation for SIEM architecture, data flows, and detection logic.

Collaboration & Continuous Improvement

Work closely with cloud, infrastructure, and application teams to onboard new log sources.
Stay current with Microsoft Sentinel roadmap and security best practices.
Participate in purple team exercises and detection gap analysis.

Qualifications:

3 years of experience in SIEM engineering or security operations.
2 years of hands-on experience with Microsoft Sentinel.
Proficiency in KQL (Kusto Query Language).
Strong understanding of Azure Security Center, Defender for Cloud, Log Analytics, and related services.
Experience with incident response, threat detection, and log management.
Familiarity with MITRE ATT&CK, NIST, or other security frameworks.
Microsoft certifications (e.g., SC-200, AZ-500).
Experience with Azure Logic Apps, Microsoft Defender XDR, or M365 security tools.
Scripting experience (PowerShell, Python) for automation.
Exposure to SOAR platforms and playbook development.

Benefits:

This is a hybrid position with on-site presence required based on business needs
Private Medical Insurance
Asociacion Solidarista
Life Insurance
Personal Day Off

Note: Only candidates with Costa Rican nationality or valid immigration status will be considered; applicants residing outside Costa Rica will not be considered, and relocation is not available

Aplicar ahora