Job Summary and Mission
This position contributes to Starbucks success by using a variety of tools to investigate alerts, indicators of compromise, log data and operational health for the Starbucks Security platform. The role serves as an escalation point for events and is responsible for in-depth reviews of activities performed by the CSOC analyst team. This role is part of the Cyber Security Operations Center Team (CSOC Team). The CSOC Team is accountable for monitoring, investigating and responding to alerts generated by internal tools, external monitoring and threat intelligence for the Starbucks Global Platform.
Models and acts in accordance with Starbucks guiding principles.
Summary of Key Responsibilities
Responsibilities and essential job functions include but are not limited to the following:
- Builds processes to monitor and analyze log events generated from a variety of platforms including the SIEM, escalated/privileged access tracking, IDS/IPS, firewalls, WAFs, antivirus, application logs and Mobile Threat Defense applications.
- Reviews threat intelligence reports and feeds, makes recommendations for profile or toolset changes based on reviews.
- Hunts for new threats and performs data analytics to surface activity not seen within the environment.
- Performs root cause analysis to uncover malicious activity.
- Analyzes, documents, remediates, or escalates events.
- Serves as an escalation point for security events.
- Ensures controls specific to Information Security are performed and documented, including internal controls, SOX and PCI controls.
- Documents and participates in incident response activities.
- Performs daily, weekly, monthly and quarterly control activities required for internal compliance, SOX or PCI.
- Reviews reports and further develops investigations for escalation of security events.
- Provides feedback to engineering teams for modification of tools and improvements.
- Facilitates remediation of threats by working with other IT teams or end users.
- Trains and mentors CSOC analysts.
Summary of Experience
7+ years of IT industry experience, with a minimum of 4 years in the cyber security discipline.
Required Knowledge, Skills and Abilities
- Ability to apply knowledge of multidisciplinary business principles and practices to achieve successful outcomes in cross-functional projects and activities.
- Experience with the following technologies: SIEMs, WAFs, IDS/IPS, antivirus, vulnerability monitoring platforms, file integrity monitoring, DLP, and encryption.
- Understanding of compliance and regulatory requirements such as SOX and PCI.
- Ability to respond and remediate incidents.
- Microsoft Word, Excel and PowerPoint.
- Ability to work within large collaborative organizations.
- Knowledge of and ability to apply process improvement principles.
- Strong written, verbal and active listening skills.
- Models and acts in accordance with Starbucks guiding principles.
- Ability to foster effectiveness during changes in tasks, work environment or conditions affecting the organization.