cybersecurity engineer senior, CSOC (Cybersecurity Operations Center)

Now Brewing – cybersecurity engineer senior, CSOC (Cybersecurity Operations Center)! #tobeapartner From the beginning, Starbucks set out to be a different kind of company. One that not only celebrated coffee and the rich tradition, but that also brought a feeling of connection. We are known for developing extraordinary leaders who share this passion and are guided by their service to others. This position contributes to Starbucks success by utilizing a variety of tools to investigate alerts and indicators of compromise, review log data, and assess operational health for the Starbucks Security platforms. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cybersecurity threats, and a validated track record of a hands-on approach to maturing defense capabilities in highly targeted environment at scale. Success for the role will be by contributing to the delivery of a world class cybersecurity program that is positioned to address, contain, and drive successful resolution to any cybersecurity situation. As a cybersecurity engineer senior, CSOC (Cybersecurity Operations Center) , you will... • Detect, assess and respond to alerts and incidents • Perform rapid triage to determine severity, validity, and urgency of alerts • Follow SOC playbooks and SOPs to ensure consistent triage and decision-making • Creates custom detections aligned to the MITRE ATT&CK Framework • Review and audit available logging to determine potential gaps in detection capabilities • Reviews threat intel reports and feeds, makes recommendations for profile or toolset changes based on reviews • Hunts for new threats and perform data analytics to surface activity not seen within the environment • Performs in-depth investigations on Windows, Linux, and MacOS hosts • Write stories for engineers to improve our SOAR environment • Support the improvement of SOC processes through feedback and operation observations • Acts as a mentor and escalation point for SOC engineers • Tune security tool configuration to minimize false positives • Collaborate with security leadership, engineering, and compliance to execute security strategies • Assess our current cloud security and propose improvements or solutions • Serve as a subject matter expert for security tools, applications, and processes We’d love to hear from people with: • 5+ years of experience working in an information technology discipline • 4+ years of security operations experience • Deep technical understanding of modern Cybersecurity threats • Ability to quickly learn new cybersecurity concepts • Understanding of the MITRE ATT&CK framework and the ability to create detections based on analysis of attacker tools & techniques using this framework • Proficient in programming with at least one modern language such as Python, Powershell, C#, Ruby, Java, Rust, Go • Experience with the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security • Basic understanding of compliance and regulatory requirements such as SOX and PCI. • Ability to balance multiple priorities and meet deadlines • Excellent problem-solving abilities • Passionate about cybersecurity and self-driven to become an expert Preferred Qualifications • Proficiency in two or more of the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security • Proficiency in two or more of the following pillars: Phishing, DLP, Compliance, Networking, Forensics, Big Data, Threat Intel, Operating Systems, Reverse Engineering • Contributes back to the cybersecurity community through teaching or through code • Certifications such as CISSP, SSCP, GCIH or others focused on cybersecurity As a Starbucks partner, you (and your family) will have access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits. Partners have access to short-term and long-term disability, paid parental leave, family expansion reimbursement, paid vacation from date of hire*, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year. Starbucks also offers eligible partners participation in a 401(k) retirement plan with employer match, a discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools. Additionally, Starbucks offers 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan, student loan management resources, and access to other educational opportunities. You will also have access to backup care and DACA reimbursement. Starbucks will comply with any applicable state and local laws regarding employee leave benefits, including, but not limited to providing time off pursuant to the Colorado Healthy Families and Workplaces Act, and in accordance