This position contributes to Starbucks' success by using a variety of tools to investigate alerts and indicators of compromise, review log data, and assess the operational health of the Starbucks security platforms. You should have strong problem-solving skills, excellent communication skills, a deep technical understanding of modern cybersecurity threats, and a proven track record of a hands-on approach to maturing defense capabilities in highly targeted environments at scale. Success in the role will be measured by your contribution to delivering a world-class cybersecurity program that is positioned to address, contain, and drive successful resolution of any cybersecurity situation.
Models and acts in accordance with Starbucks guiding principles.
Summary of Key Responsibilities
- Detects, assesses, and responds to alerts and incidents.
- Creates custom detections aligned to the MITRE ATT&CK framework.
- Reviews and audits available logging to determine potential gaps in detection capabilities.
- Reviews threat intel reports and feeds, and makes recommendations for profile or toolset changes based on those reviews.
- Hunts for new threats and performs data analytics to surface previously unseen activity within the environment.
- Performs in-depth investigations on Windows, Linux, and macOS hosts.
- Facilitates remediation of threats by working with other IT teams or end users.
- Writes stories for engineers to improve our SOAR environment.
- Acts as a mentor and escalation point for SOC analysts.
Basic Qualifications
- 5+ years of experience working in an information technology discipline.
- 4+ years of security operations experience.
- Deep technical understanding of modern cybersecurity threats.
- Ability to quickly learn new cybersecurity concepts.
- Understanding of the MITRE ATT&CK framework and the ability to create detections based on analysis of attacker tools and techniques using this framework.
- Proficient in programming with at least one modern language such as Python, PowerShell, C#, Ruby, Java, Rust, or Go.
- Experience with the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, cloud security, container security.
- Basic understanding of compliance and regulatory requirements such as SOX and PCI.
- Ability to balance multiple priorities and meet deadlines.
- Excellent problem-solving abilities.
- Passionate about cybersecurity and self-driven to become an expert.
Preferred Qualifications
- Proficiency in two or more of the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, cloud security, container security.
- Proficiency in two or more of the following pillars: phishing, DLP, compliance, networking, forensics, big data, threat intel, operating systems, reverse engineering.
- Contributes back to the cybersecurity community through teaching or through code.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
We are committed to creating a diverse and welcoming workplace that includes partners with diverse backgrounds and experiences. We believe that enables us to better meet our mission and values while serving customers throughout our global communities. People of color, women, LGBTQIA+, veterans and persons with disabilities are encouraged to apply.
Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state, and local ordinances. Starbucks Corporation is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at applicantaccommodation@starbucks.com.