Senior Cybersecurity Engineer, CSOC

🌍 Remote, USA 🎯 Full-time 🕐 Posted Recently

Job Description

    Job Description:
  • Detect, assess and respond to alerts and incidents
  • Perform rapid triage to determine severity, validity, and urgency of alerts
  • Follow SOC playbooks and SOPs to ensure consistent triage and decision-making
  • Creates custom detections aligned to the MITRE ATT&CK Framework
  • Review and audit available logging to determine potential gaps in detection capabilities
  • Reviews threat intel reports and feeds, makes recommendations for profile or toolset changes based on reviews
  • Hunts for new threats and perform data analytics to surface activity not seen within the environment
  • Performs in-depth investigations on Windows, Linux, and MacOS hosts
  • Write stories for engineers to improve our SOAR environment
  • Support the improvement of SOC processes through feedback and operation observations
  • Acts as a mentor and escalation point for SOC engineers
  • Tune security tool configuration to minimize false positives
  • Collaborate with security leadership, engineering, and compliance to execute security strategies
  • Assess our current cloud security and propose improvements or solutions
  • Serve as a subject matter expert for security tools, applications, and processes
    Requirements:
  • 5+ years of experience working in an information technology discipline
  • 4+ years of security operations experience
  • Deep technical understanding of modern Cybersecurity threats
  • Ability to quickly learn new cybersecurity concepts
  • Understanding of the MITRE ATT&CK framework and the ability to create detections based on analysis of attacker tools & techniques using this framework
  • Proficient in programming with at least one modern language such as Python, Powershell, C#, Ruby, Java, Rust, Go
  • Experience with the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security
  • Basic understanding of compliance and regulatory requirements such as SOX and PCI.
  • Ability to balance multiple priorities and meet deadlines
  • Excellent problem-solving abilities
  • Passionate about cybersecurity and self-driven to become an expert
  • Preferred Qualifications: Proficiency in two or more of the following technologies: SIEMs, WAFs, IDS/IPS, EPP, EDR, FIM, DLP, Cloud Security, Container Security
  • Proficiency in two or more of the following pillars: Phishing, DLP, Compliance, Networking, Forensics, Big Data, Threat Intel, Operating Systems, Reverse Engineering
  • Contributes back to the cybersecurity community through teaching or through code
  • Certifications such as CISSP, SSCP, GCIH or others focused on cybersecurity
    Benefits:
  • medical, dental, vision, basic and supplemental life insurance
  • short-term and long-term disability
  • paid parental leave
  • family expansion reimbursement
  • paid vacation from date of hire*
  • sick time (accrued at 1 hour for every 25 hours worked)
  • eight paid holidays
  • two personal days per year
  • 401(k) retirement plan with employer match
  • discounted company stock program (S.I.P.)
  • Starbucks equity program (Bean Stock)
  • incentivized emergency savings
  • financial well-being tools
  • 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan
  • student loan management resources
  • access to other educational opportunities
  • backup care
  • DACA reimbursement
  • compliance with state and local laws regarding employee leave benefits

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!

🚀 Apply Now

Similar Jobs

Recent Jobs

You May Also Like