




Summary: This role contributes to Starbucks’ success by operating within the Security Operations Center (SOC) to detect, investigate, and respond to cybersecurity threats across the enterprise.

Highlights:
1. Operate within the Security Operations Center to detect and respond to threats.
2. Design, build, and tune detections within SIEM using MITRE ATT&CK.
3. Develop SOAR playbooks to standardize and accelerate incident response.

Now Brewing – cybersecurity engineer senior, threat detection and response! #tobeapartner

From the beginning, Starbucks set out to be a different kind of company. One that not only celebrated coffee and the rich tradition, but that also brought a feeling of connection. We are known for developing extraordinary leaders who share this passion and are guided by their service to others.

This role contributes to Starbucks’ success by operating within the Security Operations Center (SOC) to detect, investigate, and respond to cybersecurity threats across the enterprise. You will leverage SIEM and SOAR platforms to perform advanced log analysis, validate alert fidelity, and continuously assess the operational health and coverage of Starbucks’ security tooling.

You will design, build, and tune detections within the SIEM, translating real world adversary behaviors and MITRE ATT&CK aligned TTPs into high confidence, actionable alerts. This includes authoring and maintaining detection logic (e.g., KQL, SPL, or equivalent), reducing false positives and closing visibility gaps. The role also focuses on maturing automation through SOAR by developing playbooks that standardize and accelerate investigation, enrichment, containment, and response workflows. You will integrate SOAR with security and IT platforms to automate repeatable actions.

The ideal candidate demonstrates strong analytical problem solving skills, clear technical communication, and deep expertise in modern attack techniques, logging architectures, and SOC operations.
A proven, hands on track record of advancing detection engineering, SIEM/SOAR effectiveness, and incident response capabilities in highly targeted, large scale environments is essential. Success in this role is defined by measurable contributions to a world class SOC and cybersecurity program that proactively detects threats, rapidly contains incidents, and drives consistent, effective resolution across all cybersecurity events.

As a cybersecurity engineer senior, threat detection and response, you will...

- Identify, evaluate, and appropriately address alerts and incidents
- Develops detections based on the MITRE ATT&CK Framework
- Proactively identifies emerging threats and conducts threat hunting for undetected activity within the environment
- Assess alerts to establish their legitimacy, and urgency
- Adhere to SOC playbooks and standard operating procedures (SOPs) to promote consistency in triage and decision-making.
- Conduct a thorough review and audit of existing logging systems to identify any gaps in detection capabilities.
- Reviews threat intel reports and feeds, makes recommendations for profile or toolset changes based on reviews
- Performs in-depth investigations on Windows, Linux, and MacOS hosts
- Create stories to enhance the SOAR environment for engineers
- Enhance SOC processes with feedback and operational insights
- Serves as both a mentor and an escalation point for SOC engineers
- Tune security tool configuration to minimize false positives
- Work closely with security leaders, engineers, and compliance teams to implement effective security plans
- Serve as a subject matter expert for security tools, applications, and processes

We’d love to hear from people with...
- 5+ years of experience working in an information technology discipline
- 4+ years of security operations experience
- 2+ years of detection engineering experience
- 2+ years of Threat hunting experience
- Deep technical understanding of modern Cybersecurity threats
- Understanding of the MITRE ATT&CK framework and the ability to create detections based on analysis of attacker tools & techniques using this framework
- Proficient in programming with at least one modern language such as Python, Powershell, C#, Ruby, or Java
- Experience with the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security
- Basic understanding of compliance and regulatory requirements such as SOX and PCI.
- Ability to balance multiple priorities and meet deadlines
- Excellent problem-solving abilities
- Passionate about cybersecurity and self-driven to become an expert

Preferred Qualifications

- Demonstrated expertise in at least two technologies, such as SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, or Container Security.
- Skilled in at least two focus areas, including Phishing, Data Loss Prevention (DLP), Compliance, Networking, Digital Forensics, Big Data, Threat Intelligence, Operating Systems, or Reverse Engineering.
- Actively supports the cybersecurity community by teaching or contributing code.
- Holds certifications like CISSP, SSCP, GCIH, or other credentials emphasizing cybersecurity.

As a Starbucks partner, you (and your family) will have access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits. Partners have access to short-term and long-term disability, paid parental leave, family expansion reimbursement, paid vacation from date of hire*, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year.
Starbucks also offers eligible partners participation in a 401(k) retirement plan with employer match, a discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools. Additionally, Starbucks offers 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan, student loan management resources, and access to other educational opportunities. You will also have access to backup care and DACA reimbursement.

Starbucks will comply with any applicable state and local laws regarding employee leave benefits, including, but not limited to providing time off pursuant to the Colorado Healthy Families and Workplaces Act, and in accordance with its plans and policies. This list is subject to change depending on collective bargaining in locations where partners have a certified bargaining representative. For additional information regarding partner perks and more detailed information about benefits, go to starbucksbenefits.com.

*If you are working in CA, CO, IL, LA, ME, MA, NE, ND or RI, you will accrue vacation up to a maximum of 120 hours (190 in CA) for roles below director and 200 hours (316 in CA) for roles at director or above. For roles in other states, you will be granted vacation time starting at 120 hours annually for roles below director and 200 hours annually for roles at director and above.

The actual base pay offered to the successful candidate will be based on multiple factors, including but not limited to job-related knowledge/skills, experience, geographical location, and internal equity. At Starbucks, it is not typical for an individual to be hired at the high end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate.

Join us and inspire with every cup. Apply today!

Starbucks Coffee Company is an equal opportunity employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, or protected veteran status, or any other characteristic protected by law. Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.

Starbucks Coffee Company is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at applicantaccommodation@starbucks.com or 1(888) 611-2258.


