{"id":864,"date":"2025-12-18T10:14:12","date_gmt":"2025-12-18T10:14:12","guid":{"rendered":"https:\/\/skillbasedmatching.com\/jobs\/?post_type=jobpost&#038;p=864"},"modified":"2025-12-18T10:14:16","modified_gmt":"2025-12-18T10:14:16","slug":"cybersecurity-engineer-senior-csoc-global-scale-defense","status":"publish","type":"jobpost","link":"https:\/\/skillbasedmatching.com\/jobs\/current-jobs\/cybersecurity-engineer-senior-csoc-global-scale-defense\/","title":{"rendered":"Cybersecurity Engineer Senior, CSOC \u2013 Global Scale Defense"},"content":{"rendered":"\n<p>This is a <strong>Remote (US)<\/strong> senior-level role within the Starbucks Cybersecurity Operations Center (CSOC). As a senior &#8220;partner&#8221; (employee) in this role, you are responsible for more than just monitoring; you are expected to mature defense capabilities at a massive, global scale. You will act as an escalation point and a detection architect, using data analytics and threat intelligence to protect Starbucks&#8217; brand and digital ecosystem.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Location:<\/strong> Remote (US) \u2013 Headquarters in Seattle, WA.<\/li>\n\n\n\n<li><strong>Pay Range:<\/strong> <strong>$112,400 &#8211; $211,800<\/strong> (Bonus Eligible).<\/li>\n\n\n\n<li><strong>Experience Required:<\/strong> <strong>5+ years<\/strong> in IT and <strong>4+ years<\/strong> in Security Operations (SOC).<\/li>\n\n\n\n<li><strong>Core Focus:<\/strong> Rapid triage, custom detection engineering, threat hunting, and cloud security.<\/li>\n\n\n\n<li><strong>Tech Stack:<\/strong> SIEM, EDR, SOAR, WAF, and multi-OS forensics (Windows, Linux, macOS).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Key Responsibilities: Detection, Hunting, and Mentorship<\/h2>\n\n\n\n<p>The Senior Engineer focuses on high-level resolution and proactive defense rather than routine alert handling.<\/p>\n\n\n\n<p><strong>Detection Engineering 
&amp; MITRE ATT&amp;CK<\/strong><\/p>\n\n\n\n<p>You will create custom detections aligned with the <strong>MITRE ATT&amp;CK Framework<\/strong>. This involves auditing logs to find detection gaps and tuning security tools to minimize false positives, ensuring the team stays focused on legitimate threats.<\/p>\n\n\n\n<p><strong>Threat Hunting &amp; Analytics<\/strong><\/p>\n\n\n\n<p>Beyond responding to alerts, you will actively hunt for new threats that automated systems might miss. This requires performing data analytics on telemetry to surface &#8220;hidden&#8221; activity and reviewing threat intelligence feeds to recommend toolset changes.<\/p>\n\n\n\n<p><strong>Advanced Investigations &amp; Forensics<\/strong><\/p>\n\n\n\n<p>You are responsible for in-depth investigations across <strong>Windows, Linux, and macOS<\/strong> hosts. When a critical incident occurs, you lead the triage effort to determine severity and urgency, ensuring rapid containment and resolution.<\/p>\n\n\n\n<p><strong>Automation &amp; Process Improvement<\/strong><\/p>\n\n\n\n<p>You will &#8220;write stories&#8221; for automation engineers to improve the <strong>SOAR<\/strong> environment. 
By providing operational feedback, you help refine SOC playbooks and Standard Operating Procedures (SOPs) to ensure the entire team operates consistently.<\/p>\n\n\n\n<p><strong>Leadership &amp; Mentorship<\/strong><\/p>\n\n\n\n<p>As a Senior Individual Contributor, you act as a mentor for junior SOC engineers and serve as a subject matter expert for security tools and compliance (SOX\/PCI).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Required Technical Proficiency<\/h2>\n\n\n\n<p>Starbucks is looking for a self-driven expert with a deep understanding of attacker psychology and modern programming.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Programming:<\/strong> Proficiency in at least one modern language (e.g., <strong>Python, PowerShell, C#, Rust, Go<\/strong>).<\/li>\n\n\n\n<li><strong>Security Tools:<\/strong> Hands-on experience with SIEMs, WAFs, IDS\/IPS, and Endpoint Detection (<strong>EDR<\/strong>).<\/li>\n\n\n\n<li><strong>Forensics &amp; OS:<\/strong> Deep knowledge of modern threats and the ability to investigate various operating systems.<\/li>\n\n\n\n<li><strong>Cloud &amp; Containers:<\/strong> Ability to assess current cloud security postures and propose architectural improvements.<\/li>\n\n\n\n<li><strong>Compliance:<\/strong> Basic understanding of <strong>SOX and PCI<\/strong> regulatory requirements.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Preferred Qualifications<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Broad Domain Mastery:<\/strong> Proficiency in multiple pillars such as <strong>Forensics, Reverse Engineering, Big Data, or Threat Intel<\/strong>.<\/li>\n\n\n\n<li><strong>Community Contribution:<\/strong> A track record of giving back to the security community through teaching or open-source code.<\/li>\n\n\n\n<li><strong>Certifications:<\/strong> <strong>CISSP, GCIH, or SSCP<\/strong> are highly valued but not 
required.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This is a Remote (US) senior-level role within the Starbucks Cybersecurity Operations Center (CSOC). As a senior &#8220;partner&#8221; (employee) in this role, you are responsible for more than just monitoring; you are expected to mature defense capabilities at a massive, global scale. You will act as an escalation point and a detection architect, using data [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"menu_order":0,"template":"","jobpost_category":[46,43],"jobpost_job_type":[39],"jobpost_location":[1041],"jobpost_tag":[3959,3956,3957,1938,24,81,3408,3960,3958,3178],"class_list":["post-864","jobpost","type-jobpost","status-publish","hentry","jobpost_category-data","jobpost_category-it","jobpost_job_type-remote","jobpost_location-united-states","jobpost_tag-112k-212k","jobpost_tag-csoc","jobpost_tag-detection-engineering","jobpost_tag-mitre-attck","jobpost_tag-python","jobpost_tag-remote","jobpost_tag-senior-cybersecurity-engineer","jobpost_tag-soar","jobpost_tag-starbucks","jobpost_tag-threat-hunting"],"_links":{"self":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost\/864","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost"}],"about":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/types\/jobpost"}],"author":[{"embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/users\/1"}],"wp:attachment":[{"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/media?parent=864"}],"wp:term":[{"taxonomy":"jobpost_category","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_category?post=864"},{"taxonomy":"jobpost_job_type","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_job_type?post=864"},{"taxonomy":"jobpost_location","embeddable":true,"href":"htt
ps:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_location?post=864"},{"taxonomy":"jobpost_tag","embeddable":true,"href":"https:\/\/skillbasedmatching.com\/jobs\/wp-json\/wp\/v2\/jobpost_tag?post=864"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}