Sysco Logo

Sysco

SIEM Engineer – Microsoft Sentinel

Reposted 2 Days Ago
Be an Early Applicant
In-Office or Remote
8 Locations
Mid level
In-Office or Remote
8 Locations
Mid level
The SIEM Engineer will design and maintain Microsoft Sentinel infrastructure, create KQL queries, and support threat detection and incident response, ensuring compliance reporting and performance monitoring.
The summary above was generated by AI
JOB DESCRIPTION
We are seeking a skilled and motivated SIEM Engineer with deep expertise in Microsoft Sentinel to join our Security Operations team. This role is responsible for designing, implementing, and maintaining our SIEM infrastructure, enabling proactive threat detection, incident response, and compliance reporting. The ideal candidate will have hands-on experience with Sentinel, KQL (Kusto Query Language), and Azure-native security tools.

Responsibilities: 

SIEM Engineering & Administration 

  • Design, deploy, and maintain Microsoft Sentinel SIEM infrastructure. 

  • Develop and optimize data connectors for log ingestion from cloud, on-prem, and hybrid sources. 

  • Manage and tune analytic rules, workbooks, playbooks, and automation workflows. 

Threat Detection & Response Enablement 

  • Create and refine KQL queries for custom detection use cases. 

  • Collaborate with Threat Intelligence and SOC teams to operationalize threat indicators and behavioral analytics. 

  • Support incident investigation through log enrichment and correlation. 

Monitoring & Performance 

  • Ensure high availability and performance of Sentinel components. 

  • Monitor ingestion costs and optimize data retention policies. 

  • Implement health checks and alerting for SIEM infrastructure. 

Compliance & Reporting 

  • Assist in generating reports for regulatory and audit requirements. 

  • Maintain documentation for SIEM architecture, data flows, and detection logic. 

Collaboration & Continuous Improvement 

  • Work closely with cloud, infrastructure, and application teams to onboard new log sources. 

  • Stay current with Microsoft Sentinel roadmap and security best practices.

  • Participate in purple team exercises and detection gap analysis. 

Qualifications: 

  • 3 years of experience in SIEM engineering or security operations. 

  • 2 years of hands-on experience with Microsoft Sentinel

  • Proficiency in KQL (Kusto Query Language)

  • Strong understanding of Azure Security Center, Defender for Cloud, Log Analytics, and related services. 

  • Experience with incident responsethreat detection, and log management

  • Familiarity with MITRE ATT&CKNIST, or other security frameworks. 

  • Microsoft certifications (e.g., SC-200, AZ-500). 

  • Experience with Azure Logic AppsMicrosoft Defender XDR, or M365 security tools

  • Scripting experience (PowerShell, Python) for automation. 

  • Exposure to SOAR platforms and playbook development. 

Benefits:

  • This is a hybrid position with on-site presence required based on business needs

  • Private Medical Insurance

  • Asociacion Solidarista

  • Life Insurance

  • Personal Day Off

Note: Only candidates with Costa Rican nationality or valid immigration status will be considered; applicants residing outside Costa Rica will not be considered, and relocation is not available

Top Skills

Azure Logic Apps
Azure Security Center
Defender For Cloud
Kql
Log Analytics
M365 Security Tools
Microsoft Defender Xdr
Microsoft Sentinel
Powershell
Python

Similar Jobs

Sysco Logo
Sysco

SIEM Engineer – Microsoft Sentinel

2 Days Ago
In-Office or Remote
8 Locations
Mid level
Mid level
Food • Logistics
The SIEM Engineer will design, implement, and maintain Microsoft Sentinel infrastructure, facilitate threat detection and response, and ensure compliance reporting.
Top Skills: Azure Logic AppsAzure Security CenterDefender For CloudKqlLog AnalyticsM365 Security ToolsMicrosoft Defender XdrMicrosoft SentinelPowershellPython
Coinbase Logo
Coinbase

Senior Product Manager

7 Hours Ago
Remote
Canada
218K-218K Annually
Senior level
218K-218K Annually
Senior level
Artificial Intelligence • Blockchain • Fintech • Financial Services • Cryptocurrency • NFT • Web3
Lead the design and build of the incentives platform at Coinbase, partnering with cross-functional teams to enhance user engagement and lifetime value through innovative incentive systems.
Top Skills: A/B TestingData AnalysisOptimization FrameworksRisk And Compliance Systems
Apryse Logo
Apryse

Director, Brand & Communications

15 Hours Ago
Remote
2 Locations
Expert/Leader
Expert/Leader
Productivity • Software • App development • Automation
The Director of Brand & Communications will lead Apryse's global brand strategy, enhance market presence through PR and media relations, and foster internal communication to inspire employees and advocate for the brand.

What you need to know about the Charlotte Tech Scene

Ranked among the hottest tech cities in 2024 by CompTIA, Charlotte is quickly cementing its place as a major U.S. tech hub. Home to more than 90,000 tech workers, the city’s ecosystem is primed for continued growth, fueled by billions in annual funding from heavyweights like Microsoft and RevTech Labs, which has created thousands of fintech jobs and made the city a go-to for tech pros looking for their next big opportunity.

Key Facts About Charlotte Tech

  • Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
  • Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
  • Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
  • Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account