Security Operations Engineer, Information Technology

Full Time
Seattle, Washington
report a problem

Job Summary and Mission 

This position contributes to Starbucks success by using a variety of tools to investigate alerts, indicators of compromise, log data and operational health for the Starbucks Security platform.  The Security Operations Center Team (SOC Team) is accountable for monitoring and responding to alerts generated by internal tools, external monitoring and threat intelligence for Starbucks Global Platform.

Models and acts in accordance with Starbucks guiding principles.

Summary of Key Responsibilities 

Responsibilities and essential job functions include but are not limited to the following: 

  • Monitor and analyize log events generated from a variety of platforms including the SEIM, IDS/IPS, Firewalls, 
  • WAFs, AntiVirus and application logs
  • Review threat intelligence reports and feeds, make recommendations for profile or toolset changes based on reviews
  • Investigate and determine if risk is present based on alerts
  • Performs Malware research and analysis
  • Document and escalate or remediate events
  • Performs daily, weekly, monthly and quarterly control activites required for internal compliance, SOX or PCI
  • Participate in incident response activities and with appropriate teams
  • Performs actions required for and develops reports for escalation of security events or investiagtions
  • Provide feedback to engineering teams for modification of tools and improvements
  • Facilitate remediation of threats by working with other IT teams or end users
  • Monitors performs of key controls and/or systems and performs updates as required

Summary of Experience      

  • Experience in the field of digital forensic examination and/or eDiscovery fields. (3-5 years)

Basic Qualifications 

  • 3-5 years of practical hands-on experience in the field of digital forensic investigation with direct experience in forensic image acquisition, preservation and handling is required.
  • 2-3 years of practical hands-on experience with forensic platforms such as AccessData FTK or Guidance EnCase is required.
  • 2-3 years of security incident handling experience is required.
  • 1-2 years of practical hands-on experience working with eDiscovery platforms from vendors such as Nuix, AccessData, Exterro or Guidance is preferred.
  • 1-2 years of practical hands-on experience working with the Cyber Kill Chain methodology in identifying and tracking attack progression is preferred.
  • 1-2 years of practical hands-on experience in conducting memory analysis with tools such as AccessData FTK or Mandiant’s Redline is preferred.
  • Practical hands-on experience with mobile device forensic analysis is desired.
  • Certifications such as GCFE, GCFA, GREM are desired.
  • Experience providing expert witness testimony is desired.

Required Knowledge, Skills and Abilities 

  • Ability to apply knowledge of multidisciplinary business principles and practices to achieve successful outcomes in cross-functional projects and activities.
  • Identifies issues, presents findings, and suggests solutions to counterpart teams both internal and external to Information Protection Services.
  • Relies on experience and judgment to accomplish goals set forth by the team.
  • Knowledge and ability to apply process improvement principles.
  • Chain of custody process and management.
  • Filesystem structure and analysis.
  • File carving and data extraction.
  • Indicators of Compromise (IoC) and malware detection.
  • Incident response and forensic process frameworks.
  • Volatile data analysis.
  • Understanding of creating timelines using data from multiple sources and able to analyze timelines to identify relevant events.


Starbucks is an equal opportunity employer of all qualified individuals, including minorities, women, veterans & individuals with disabilities. Starbucks will consider for employment qualified applicants with criminal histories in a manner consistent with all federal, state, and local ordinances.

All Starbucks Job Descriptions are confidential and proprietary, and are to be handled in accordance with the Starbucks Standards of Business Conduct. Accordingly, job descriptions cannot be shared with individuals outside of the company without the written permission of the director Compensation, Starbucks Coffee Company.

Share this job:


Opportunity to be more than an employee, to be a partner. Join us and connect with something bigger.
By bringing people together over coffee, Starbucks has become one of the world’s best-known and best-loved companies. We purchase, roast and serve award-winning coffee. We also offer Italian-style espresso beverages, cold blended beverages, delicious food, premium teas and selected compact discs through our retail stores. Working at Starbucks is a lot like working with your friends. When you work here, you’re not an “employee” – we call ourselves “partners” because we believe in shared common goals and mutual success. We’re dedicated to serving ethically sourced coffee, caring for the environment and giving back to the communities where we do business. Starbucks is an equal opportunity employer of all qualified individuals, including minorities, women, veterans and individuals with disabilities.
Visit Starbucks's Social Media pages:
Company Industry: Retail
Company Type: Public Company
Company Size: 10,001+