The Senior Engineer - Cyber Security Operations (SIEM Engineer) will design, implement, and maintain our SIEM infrastructure to enable proactive threat detection, incident response, and compliance reporting.
Requirements
- Designing, deploying, and maintaining Microsoft Sentinel SIEM infrastructure
- Developing and optimizing data connectors for log ingestion from cloud, on-prem, and hybrid sources
- Managing and tuning analytic rules, workbooks, playbooks, and automation workflows
- Creating and refining KQL queries for custom detection use cases
- Collaborating with Threat Intelligence and SOC teams to operationalize threat indicators and behavioral analytics
- Supporting incident investigation with log enrichment and correlation
- Ensuring high availability and performance of Sentinel components
- Monitoring ingestion costs and optimizing data retention policies
- Implementing health checks and alerting for SIEM infrastructure
- Generating reports for regulatory and audit requirements
- Maintaining documentation for SIEM architecture, data flows, and detection logic
- Working closely with cloud, infrastructure, and application teams to onboard new log sources
- Staying up to date with the Microsoft Sentinel roadmap and security best practices
- Participating in purple team exercises and detection gap analysis
Benefits
- US dollar-linked compensation
- Performance-based annual bonus
- Recognition and rewards programs
- Agile Benefits
- Paid birthday leave
- Team engagement allowance
- Comprehensive health & life insurance cover
- Overseas travel opportunities and client environment exposure
- Hybrid work arrangement