Cybersecurity Engineer

Benefits

Additional Information

It's fun to work in a company where people truly believe in what they are doing. At Dutch Bros Coffee, we are more than just a coffee company. We are a fun-loving, mind-blowing company that makes a difference one cup at a time. Position Overview: We're looking for a Cybersecurity Engineer to drive the design, implementation, and automation of advanced security controls across our Security Operations team. Reporting to the Manager, Cybersecurity Operations this role drives key cybersecurity programs, including the Security Operations Center (SOC), Vulnerability Management, Data Loss Prevention (DLP), ensuring the confidentiality, integrity, and availability of critical assets. This role will be tasked with supporting security strategies and initiatives while proactively addressing emerging cybersecurity risks. Strong technical expertise and a proactive approach to challenges are essential for success in this role. Job Qualifications: 2-4+ years of hands-on experience in Security Engineering roles 1+ year of hands-on experience in Software Engineering Strong understanding of security principles, software development, Identity and Access Management (IAM), networking, vulnerability management, Security Orchestration, Automation, and Response (SOAR), and security operations Hands-on experience with: Zero Trust methodologies and Secure Service Edge (SSE) platforms (Cloudflare, Cisco, Microsoft, Palo Alto Networks) Python, REST APIs, and data formats (JSON, CSV, XML) Security automation (SOAR, CI/CD, Infrastructure as Code) Azure and AWS cloud environments IAM and Privileged Identity Management (PIM) solutions (Entra ID, CyberArk, Okta, Auth0) Linux and Windows administration SIEM platforms (Microsoft Sentinel, Splunk, Rapid7) Vulnerability management platforms (Qualys, Rapid7, Tenable) Experience with: DevOps methodologies and best practices Next-Generation Firewalls (Palo Alto, Fortinet, Sophos, Check Point) Compliance frameworks (PCI DSS, SOX, NIST, CIS Controls) Endpoint Detection and Response (EDR) platforms (Microsoft Defender, CrowdStrike, SentinelOne) Data Loss Prevention (DLP) solutions (Microsoft Purview, Symantec, Trellix) Large Language Models (LLMs) and prompt engineering concepts Strong problem-solving, communication, and technical documentation skills Proven ability to collaborate effectively with cross-functional technical teams Preferred / Highly Desired Qualifications: CISSP, CCSP, or OSCP AWS Certified Solutions Architect - Associate AWS Certified Security - Specialty Microsoft Certified: Azure Security Engineer Associate CCNA HashiCorp Certified: Terraform Associate Location Requirement: This role is located in Tempe, Arizona. This position is required to be in office 4 days per week (Mon-Thurs); Fridays are optional remote work days. Key Result Areas (KRAs): Security Operations Center (SOC) Automation & Operations Design and implement automated workflows and processes for Security Operations Center (SOC) operations. Manage and optimize day-to-day SOC tools and operations to ensure effective monitoring, detection, and response to security incidents. Develop and enhance SOC processes and procedures to improve operational efficiency, scalability, and advanced threat detection capabilities. Incident Response Lead and facilitate the incident response lifecycle, including identification, containment, eradication, and recovery from security incidents. Conduct post-incident reviews and drive implementation of lessons learned to improve overall security posture. Partner with IT and GRC teams to maintain incident response readiness, including development of playbooks and execution of incident simulation exercises. Vulnerability Management Support and enhance the vulnerability management program, including assessments, prioritization, tracking, and remediation strategies. Collaborate with IT and development teams to ensure timely patching and mitigation of identified vulnerabilities. Define and track program metrics, reporting status and risk trends to leadership. Data Loss Prevention (DLP) Contribute to the enterprise Data Loss Prevention (DLP) strategy to protect sensitive data across systems and prevent unauthorized access or exfiltration. Participate in audits and assessments to evaluate DLP effectiveness and ensure compliance with internal and external requirements. Microsoft Security Ecosystem Integration Maximize utilization and ROI of the Microsoft 365 E5 and Entra security stack. Manage and ensure full deployment of Microsoft Defender suite (Endpoint, Cloud Apps, Identity) across ≥ 95% of eligible assets. Integrate Microsoft Sentinel SIEM with key enterprise data sources, including SASE, EDR, IAM, and vulnerability management platforms, to enable unified threat detection and response. Reduce mean time to detect (MTTD) and mean time to respond (MTTR) by ≥ 30% through automation, correlation rules, and detection engineering within Sentinel. Security Autom

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at dutchbros? Share your experience