Now Brewing – cybersecurity engineer senior, threat detection and response! #tobeapartner
From the beginning, Starbucks set out to be a different kind of company. One that not only celebrated coffee and the rich tradition, but that also brought a feeling of connection. We are known for developing extraordinary leaders who share this passion and are guided by their service to others.
This role contributes to Starbucks’ success by operating within the Security Operations Center (SOC) to detect, investigate, and respond to cybersecurity threats across the enterprise. You will leverage SIEM and SOAR platforms to perform advanced log analysis, validate alert fidelity, and continuously assess the operational health and coverage of Starbucks’ security tooling.
You will design, build, and tune detections within the SIEM, translating real-world adversary behaviors and MITRE ATT&CK-aligned TTPs into high-confidence, actionable alerts. This includes authoring and maintaining detection logic (e.g., KQL, SPL, or equivalent), reducing false positives, and closing visibility gaps.
The role also focuses on maturing automation through SOAR by developing playbooks that standardize and accelerate investigation, enrichment, containment, and response workflows. You will integrate SOAR with security and IT platforms to automate repeatable actions.
The ideal candidate demonstrates strong analytical problem-solving skills, clear technical communication, and deep expertise in modern attack techniques, logging architectures, and SOC operations. A proven, hands-on track record of advancing detection engineering, SIEM/SOAR effectiveness, and incident response capabilities in highly targeted, large-scale environments is essential.
Success in this role is defined by measurable contributions to a world-class SOC and cybersecurity program that proactively detects threats, rapidly contains incidents, and drives consistent, effective resolution across all cybersecurity events.
As a cybersecurity engineer senior, threat detection and response, you will...
- Identify, evaluate, and appropriately address alerts and incidents
- Develop detections based on the MITRE ATT&CK Framework
- Proactively identify emerging threats and conduct threat hunting for undetected activity within the environment
- Assess alerts to establish their legitimacy and urgency
- Adhere to SOC playbooks and standard operating procedures (SOPs) to promote consistency in triage and decision-making.
- Conduct a thorough review and audit of existing logging systems to identify any gaps in detection capabilities.
- Review threat intel reports and feeds, and make recommendations for profile or toolset changes based on reviews
- Perform in-depth investigations on Windows, Linux, and macOS hosts
- Create stories to enhance the SOAR environment for engineers
- Enhance SOC processes with feedback and operational insights
- Serve as both a mentor and an escalation point for SOC engineers
- Tune security tool configuration to minimize false positives
- Work closely with security leaders, engineers, and compliance teams to implement effective security plans
- Serve as a subject matter expert for security tools, applications, and processes
We’d love to hear from people with...
- 5+ years of experience working in an information technology discipline
- 4+ years of security operations experience
- 2+ years of detection engineering experience
- 2+ years of threat hunting experience
- Deep technical understanding of modern cybersecurity threats
- Understanding of the MITRE ATT&CK framework and the ability to create detections based on analysis of attacker tools & techniques using this framework
- Proficient in programming with at least one modern language such as Python, PowerShell, C#, Ruby, or Java
- Experience with the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security
- Basic understanding of compliance and regulatory requirements such as SOX and PCI.
- Ability to balance multiple priorities and meet deadlines
- Excellent problem-solving abilities
- Passionate about cybersecurity and self-driven to become an expert
Preferred Qualifications
- Demonstrated expertise in at least two technologies, such as SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, or Container Security.
- Skilled in at least two focus areas, including Phishing, Data Loss Prevention (DLP), Compliance, Networking, Digital Forensics, Big Data, Threat Intelligence, Operating Systems, or Reverse Engineering.
- Actively supports the cybersecurity community by teaching or contributing code.
- Holds certifications like CISSP, SSCP, GCIH, or other credentials emphasizing cybersecurity.
As a Starbucks partner, you (and your family) will have access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits. Partners have access to short-term and long-term disability, paid parental leave, family expansion reimbursement, paid vacation from date of hire*, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year. Starbucks also offers eligible partners participation in a 401(k) retirement plan with employer match, a discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools. Additionally, Starbucks offers 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan, student loan management resources, and access to other educational opportunities. You will also have access to backup care and DACA reimbursement. Starbucks will comply with any applicable state and local laws regarding employee leave benefits, including, but not limited to providing time off pursuant to the Colorado Healthy Families and Workplaces Act, and in accordance with its plans and policies. This list is subject to change depending on collective bargaining in locations where partners have a certified bargaining representative. For additional information regarding partner perks and more detailed information about benefits, go to starbucksbenefits.com.
*If you are working in CA, CO, IL, LA, ME, MA, NE, ND or RI, you will accrue vacation up to a maximum of 120 hours (190 in CA) for roles below director and 200 hours (316 in CA) for roles at director or above. For roles in other states, you will be granted vacation time starting at 120 hours annually for roles below director and 200 hours annually for roles at director and above.
The actual base pay offered to the successful candidate will be based on multiple factors, including but not limited to job-related knowledge/skills, experience, geographical location, and internal equity. At Starbucks, it is not typical for an individual to be hired at the high end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate.
Join us and inspire with every cup. Apply today!
Starbucks Coffee Company is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, or protected veteran status, or any other characteristic protected by law.
Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal, state and local ordinances.
Starbucks Coffee Company is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at [email protected] or 1(888) 611-2258.