Senior Engineer - Cyber Security Operations (SIEM Engineer) at Sysco
Sri Lanka - Full Time


Start Date

Immediate

Expiry Date

24 Dec, 25

Salary

0.0

Posted On

25 Sep, 25

Experience

2 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cybersecurity, Microsoft Sentinel, KQL, Azure Security Center, Defender For Cloud, Log Analytics, Incident Response, Threat Detection, Log Management, MITRE ATT&CK, NIST, Analytical Skills, Problem-Solving, Communication Skills, Scripting, SOAR Platforms

Industry

Food and Beverage Services

Description
JOB DESCRIPTION
Senior Engineer - Cyber Security Operations (SIEM Engineer)

The Big Picture
Sysco LABS is the Global In-House Center of Sysco Corporation (NYSE: SYY), the world’s largest foodservice company. Sysco ranks 56th in the Fortune 500 list and is the global leader in the trillion-dollar foodservice industry. Sysco employs over 75,000 associates, operates 337 smart distribution facilities worldwide, and has over 14,000 IoT-enabled trucks serving 730,000 customer locations. For fiscal year 2025 (ended June 29, 2025), the company generated sales exceeding $81.4 billion. Sysco LABS Sri Lanka delivers the technology that powers Sysco’s end-to-end operations, enabling sourcing, merchandising, storage, order placement, warehouse operations, delivery logistics, and even enhancing the in-restaurant dining experience of Sysco’s global customers.

The Opportunity
This position is part of Sysco’s Cyber Security Operations team. As a SIEM Engineer specializing in Microsoft Sentinel, you will design, implement, and maintain our SIEM infrastructure to enable proactive threat detection, incident response, and compliance reporting. This role is highly collaborative, working closely with SOC, Threat Intelligence, Cloud, and Infrastructure teams to ensure that Sysco’s security monitoring capabilities remain robust and up to date.

Responsibilities:
- Designing, deploying, and maintaining Microsoft Sentinel SIEM infrastructure
- Developing and optimizing data connectors for log ingestion from cloud, on-prem, and hybrid sources
- Managing and tuning analytic rules, workbooks, playbooks, and automation workflows
- Creating and refining KQL queries for custom detection use cases
- Collaborating with Threat Intelligence and SOC teams to operationalize threat indicators and behavioral analytics
- Supporting incident investigation with log enrichment and correlation
- Ensuring high availability and performance of Sentinel components
- Monitoring ingestion costs and optimizing data retention policies
- Implementing health checks and alerting for SIEM infrastructure
- Generating reports for regulatory and audit requirements
- Maintaining documentation for SIEM architecture, data flows, and detection logic
- Working closely with cloud, infrastructure, and application teams to onboard new log sources
- Staying up to date with the Microsoft Sentinel roadmap and security best practices
- Participating in purple team exercises and detection gap analysis

Requirements:
- A Bachelor's Degree in Cybersecurity, Computer Science, Networking, or a related field
- 3+ years of experience in SIEM engineering or security operations, with 2+ years hands-on in Microsoft Sentinel
- Proficiency in KQL (Kusto Query Language); understanding of Azure Security Center, Defender for Cloud, and Log Analytics
- Familiarity with incident response, threat detection, and log management processes
- Working knowledge of MITRE ATT&CK, NIST, or equivalent security frameworks
- Strong analytical, problem-solving, and communication skills
- Microsoft certifications such as SC-200, AZ-500
- Experience with Azure Logic Apps, Microsoft Defender XDR, and M365 security tools
- Scripting knowledge (PowerShell, Python) for automation
- Experience with SOAR platforms and playbook development

Benefits
- US dollar-linked compensation
- Performance-based annual bonus
- Recognition and rewards programs
- Agile Benefits – special allowances for Health, Wellness & Academic purposes
- Paid birthday leave
- Team engagement allowance
- Comprehensive health & life insurance cover (extendable to parents and in-laws)
- Overseas travel opportunities and client environment exposure
- Hybrid work arrangement

Sysco LABS is an Equal Opportunity Employer.

Sysco is the global leader in selling, marketing and distributing food products to restaurants, healthcare and educational facilities, lodging establishments and other customers who prepare meals away from home. Its family of products also includes equipment and supplies for the foodservice and hospitality industries. With more than 71,000 colleagues, the company operates 333 distribution facilities worldwide and serves approximately 700,000 customer locations. For fiscal year 2022 that ended July 2, 2022, the company generated sales of more than $68 billion. Information about our Sustainability program, including Sysco’s 2022 Sustainability Report and 2022 Diversity, Equity & Inclusion Report, can be found at www.sysco.com.
Responsibilities
The Senior Engineer will design, implement, and maintain the SIEM infrastructure, focusing on Microsoft Sentinel for proactive threat detection and incident response. This role involves collaboration with various teams to ensure robust security monitoring capabilities.