Senior Cybersecurity Engineer, CSOC
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Senior Cybersecurity Engineer managing security operations within Starbucks' Cybersecurity Operations Center. Detecting, assessing and responding to cybersecurity incidents to ensure protection against threats.
Responsibilities:
- Detect, assess and respond to alerts and incidents
- Perform rapid triage to determine severity, validity, and urgency of alerts
- Follow SOC playbooks and SOPs to ensure consistent triage and decision-making
- Creates custom detections aligned to the MITRE ATT&CK Framework
- Review and audit available logging to determine potential gaps in detection capabilities
- Reviews threat intel reports and feeds, makes recommendations for profile or toolset changes based on reviews
- Hunts for new threats and perform data analytics to surface activity not seen within the environment
- Performs in-depth investigations on Windows, Linux, and MacOS hosts
- Write stories for engineers to improve our SOAR environment
- Support the improvement of SOC processes through feedback and operation observations
- Acts as a mentor and escalation point for SOC engineers
- Tune security tool configuration to minimize false positives
- Collaborate with security leadership, engineering, and compliance to execute security strategies
- Assess our current cloud security and propose improvements or solutions
- Serve as a subject matter expert for security tools, applications, and processes
Requirements:
- 5+ years of experience working in an information technology discipline
- 4+ years of security operations experience
- Deep technical understanding of modern Cybersecurity threats
- Ability to quickly learn new cybersecurity concepts
- Understanding of the MITRE ATT&CK framework and the ability to create detections based on analysis of attacker tools & techniques using this framework
- Proficient in programming with at least one modern language such as Python, Powershell, C#, Ruby, Java, Rust, Go
- Experience with the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security
- Basic understanding of compliance and regulatory requirements such as SOX and PCI.
- Ability to balance multiple priorities and meet deadlines
- Excellent problem-solving abilities
- Passionate about cybersecurity and self-driven to become an expert
- Preferred Qualifications: Proficiency in two or more of the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security
- Proficiency in two or more of the following pillars: Phishing, DLP, Compliance, Networking, Forensics, Big Data, Threat Intel, Operating Systems, Reverse Engineering
- Contributes back to the cybersecurity community through teaching or through code
- Certifications such as CISSP, SSCP, GCIH or others focused on cybersecurity
Benefits:
- medical, dental, vision, basic and supplemental life insurance
- short-term and long-term disability
- paid parental leave
- family expansion reimbursement
- paid vacation from date of hire*
- sick time (accrued at 1 hour for every 25 hours worked)
- eight paid holidays
- two personal days per year
- 401(k) retirement plan with employer match
- discounted company stock program (S.I.P.)
- Starbucks equity program (Bean Stock)
- incentivized emergency savings
- financial well-being tools
- 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan
- student loan management resources
- access to other educational opportunities
- backup care
- DACA reimbursement
- compliance with state and local laws regarding employee leave benefits
Similar Jobs
Senior Director Analyst – Security Operations, Threat Detection, Response and Automation
Security Operations Analyst focused on security operations research and client engagement. Supporting Gartner clients with expertise in threat detection, incident response, and automation.
Security Operations Engineer
Security Operations Engineer role at FICO focusing on cyber protection and automation development. Involved in incident response and security operations for a leading analytics company.
Regional SOC Analyst
As a Regional SOC Analyst, you'll shape the security architecture at Kelvion and enhance cyber security in an international environment.
Development Security Operations Engineer, Healthcare Consulting
Development Operations Engineer for Sellers Dorsey designing automated systems and tools in healthcare consulting. Bridging software development and security engineering operations to optimize delivery systems.
SOC Team Lead
SOC Team Lead managing a Security Operations Center team and guiding customer onboarding processes. Providing leadership and ensuring delivery of cybersecurity operations for clients.
Security Operations Intern, Summer 2026
Security Operations Intern role supporting security program development and documentation for a technology company. Collaborating with Security leadership to gain practical experience in governance, risk, and compliance.
Cybersecurity Incident Response Analyst
Cybersecurity Incident Response Analyst at Hitachi protecting renewable energy systems from cybersecurity threats. Collaborating with global teams for incident response and security monitoring.
Senior Director, Security Operations Center
Senior Director leading global Security Operations Center at CFA Institute. Setting strategic vision and managing high-performing teams for security operations.
Cybersecurity Operations Intern
Entry-level Cybersecurity Operations Intern at AMERICAN SYSTEMS performing day-to-day operations of security solutions. Involves resolving security incidents and collaborating with a small team.
Cyber Operations Intern
IT Security Analyst intern performing day-to-day security operations at AMERICAN SYSTEMS. Identifying and resolving security incidents while maintaining security tools and processes.
Security Operations
Security Operations position overseeing compliance and security frameworks at DeepJudge. Collaborating with clients to ensure enterprise-level security and privacy practices.
Cyber Security Operations Center (CSOC) Analyst – Tier 3
Cyber Security Operations Center Analyst in athenahealth focusing on incident response, threat hunting, and cross-functional coordination. Requires a bachelor's degree and extensive cyber security experience.
Security Operations Engineer II
Security Operations Engineer II optimizing systems and responding to security threats in cybersecurity. Monitoring, detecting, and analyzing, while enhancing infrastructure security from real-world threats.
SOC Analyst I
SOC Analyst I for Sentinel Blue monitoring security operations and handling potential incidents in cybersecurity. Engaging in real-time threat analysis and response with opportunities for growth.
Senior SOC Analyst, Microsoft Stack Focus
Cyber Defender (Senior SOC Analyst) at Ontinue focusing on detection and response in security operations. Collaborating with teams to enhance managed security services using Microsoft tools.
Cyber Operations Advisor
Cyber Operations Advisor leading client business reviews and technical remediation at Optiv. Managing multiple cybersecurity engagements and strategic initiatives for client satisfaction.
IT Intern – Cybersecurity Operations, Forensics & Incident Response
Cybersecurity Operations Intern at Ascension Technologies focusing on incident response and detection engineering. Develop technical skills through real-world IT experience within a large IT service environment.
IT Intern – Cybersecurity Operations, Cyber Threat Intelligence
Cybersecurity Operations Intern at Ascension Technologies conducting threat research and intelligence production tasks. Engaging in real-life projects and collaborating with IT Infrastructure and Security teams.
Senior Cybersecurity Incident Response Analyst
Cybersecurity Incident Response Analyst supporting secure operations of IQVIA's global IT infrastructure. Collaborating across departments to respond to security events and strengthen safeguards.
Analista de Segurança da Informação – Google SecOps
Analista de Segurança da Informação focusing on Google SecOps for enhancing cyber security across various clients. Join a team with expertise in cloud security solutions for significant projects.