When an attribute is not in the wizard, you can just type its actual LDAP display name. For the SID it is "objectSid".
But there is an easier way in this case. The user's SID is already in the claim pipeline (it is coming from the AD acceptance rules). SO instead of doing a LDAP call, you can simply chose the "Passthrough or Filter an Incoming Claim" template and use the following: