Sysco Logo

Sysco

SIEM Engineer – Microsoft Sentinel

Reposted Yesterday
Be an Early Applicant
In-Office or Remote
8 Locations
Mid level
In-Office or Remote
8 Locations
Mid level
The SIEM Engineer will design and maintain Microsoft Sentinel infrastructure, create KQL queries, and support threat detection and incident response, ensuring compliance reporting and performance monitoring.
The summary above was generated by AI
JOB DESCRIPTION
We are seeking a skilled and motivated SIEM Engineer with deep expertise in Microsoft Sentinel to join our Security Operations team. This role is responsible for designing, implementing, and maintaining our SIEM infrastructure, enabling proactive threat detection, incident response, and compliance reporting. The ideal candidate will have hands-on experience with Sentinel, KQL (Kusto Query Language), and Azure-native security tools.

Responsibilities: 

SIEM Engineering & Administration 

  • Design, deploy, and maintain Microsoft Sentinel SIEM infrastructure. 

  • Develop and optimize data connectors for log ingestion from cloud, on-prem, and hybrid sources. 

  • Manage and tune analytic rules, workbooks, playbooks, and automation workflows. 

Threat Detection & Response Enablement 

  • Create and refine KQL queries for custom detection use cases. 

  • Collaborate with Threat Intelligence and SOC teams to operationalize threat indicators and behavioral analytics. 

  • Support incident investigation through log enrichment and correlation. 

Monitoring & Performance 

  • Ensure high availability and performance of Sentinel components. 

  • Monitor ingestion costs and optimize data retention policies. 

  • Implement health checks and alerting for SIEM infrastructure. 

Compliance & Reporting 

  • Assist in generating reports for regulatory and audit requirements. 

  • Maintain documentation for SIEM architecture, data flows, and detection logic. 

Collaboration & Continuous Improvement 

  • Work closely with cloud, infrastructure, and application teams to onboard new log sources. 

  • Stay current with Microsoft Sentinel roadmap and security best practices.

  • Participate in purple team exercises and detection gap analysis. 

Qualifications: 

  • 3 years of experience in SIEM engineering or security operations. 

  • 2 years of hands-on experience with Microsoft Sentinel

  • Proficiency in KQL (Kusto Query Language)

  • Strong understanding of Azure Security Center, Defender for Cloud, Log Analytics, and related services. 

  • Experience with incident responsethreat detection, and log management

  • Familiarity with MITRE ATT&CKNIST, or other security frameworks. 

  • Microsoft certifications (e.g., SC-200, AZ-500). 

  • Experience with Azure Logic AppsMicrosoft Defender XDR, or M365 security tools

  • Scripting experience (PowerShell, Python) for automation. 

  • Exposure to SOAR platforms and playbook development. 

Benefits:

  • This is a hybrid position with on-site presence required based on business needs

  • Private Medical Insurance

  • Asociacion Solidarista

  • Life Insurance

  • Personal Day Off

Note: Only candidates with Costa Rican nationality or valid immigration status will be considered; applicants residing outside Costa Rica will not be considered, and relocation is not available

Top Skills

Azure Logic Apps
Azure Security Center
Defender For Cloud
Kql
Log Analytics
M365 Security Tools
Microsoft Defender Xdr
Microsoft Sentinel
Powershell
Python

Similar Jobs

Sysco Logo
Sysco

SIEM Engineer – Microsoft Sentinel

Yesterday
In-Office or Remote
8 Locations
Mid level
Mid level
Food • Logistics
The SIEM Engineer will design, implement, and maintain Microsoft Sentinel infrastructure, facilitate threat detection and response, and ensure compliance reporting.
Top Skills: Azure Logic AppsAzure Security CenterDefender For CloudKqlLog AnalyticsM365 Security ToolsMicrosoft Defender XdrMicrosoft SentinelPowershellPython
Dropbox Logo
Dropbox

Senior Manager, Product Design

An Hour Ago
Remote
Canada
Mid level
Mid level
Artificial Intelligence • Cloud • Consumer Web • Productivity • Software • App development • Data Privacy
Lead product design teams to create exceptional user experiences while developing design strategy and managing cross-functional partnerships. Foster a collaborative culture within Dropbox.
Top Skills: Computational Design MethodologiesDesign ToolsGenerative Design ToolsLlms
SoFi Logo
SoFi

Senior Strategy Analyst

An Hour Ago
Easy Apply
Remote or Hybrid
2 Locations
Easy Apply
Senior level
Senior level
Fintech • Mobile • Software • Financial Services
Analyze fraud patterns in loan applications, develop prevention strategies, collaborate across teams, conduct investigations, and utilize data analytics tools.
Top Skills: Advanced ExcelGoogle AnalyticsPower BIPythonSQLTableau

What you need to know about the Melbourne Tech Scene

Home to 650 biotech companies, 10 major research institutes and nine universities, Melbourne is among one of the top cities for biotech. In fact, some of the greatest medical advancements were conceptualized and developed here, including Symex Lab's "lab-on-a-chip" solution that monitors hormones to predict ovulation for conception, and Denteric's vaccine for periodontal gum disease. Yet, the thousands of people working in the city's healthtech sector are just getting started, to say nothing of the tech advancements across all other sectors.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account