manager, cybersecurity incident response team

Now Brewing – manager, cybersecurity incident response team! #tobeapartner

From the beginning, Starbucks set out to be a different kind of company. One that not only celebrated coffee and the rich tradition, but that also brought a feeling of connection. We are known for developing extraordinary leaders who share this passion and are guided by their service to others.

This position contributes to Starbucks’ success through the investigation and response to cybersecurity incidents. A successful manager of our CSIRT (Cybersecurity Incident Response Team) at Starbucks is a self-starter, a natural problem solver, collaborative, and able to work well with adversity and ambiguity. You should have strong problem-solving skills, excellent written and verbal communication skills, a deep technical understanding of modern cybersecurity threats, and a validated track record in hands-on approach to cybersecurity incident handling. Success for the role will be the delivery of a world class incident response program that is positioned to address, contain, and drive successful resolution to any cybersecurity situation.

Models and acts in accordance with Starbucks guiding principles.

As a manager, cybersecurity incident response team, you will...

Leadership - Setting goals for the team, developing organizational capability, and modeling how we work together:

• Introduce technical topics, sponsor opportunities for innovation, and recognize technical excellence.
• Models leadership behaviors that are grounded in Starbucks Mission and Values.
• Drives the engagement, development and performance of all members of their team.
  
  

Planning and Execution - Developing strategic and tactical plans for the team, managing execution, and measuring results:

• Leads identification, triage, and investigation of potential security incidents.
• Collaborate with cross-functional teams to deliver all stages of the incident response lifecycle.
• Plan and manage tabletop exercises with a diverse group of stakeholders.
  
  

Technical Design and Implementation - Providing technical expertise and executing technical responsibilities:

• Responsible for the clear communication of the current threat landscape.
• Partner with other teams in to continuously improve and advance the organizations operational security capabilities.
  
  

Partner Development and Team Building - Providing partners with coaching, feedback, and building an effective team:

• Build and lead a team that supports each other, makes others feel welcome, and succeeds (or fails) together.
• Challenge and inspire your team to achieve world class results.
• Support partners in their career growth.
  
  

Ownership – Taking accountability for the quality and success of the outcome of your team’s work:

• Defines and maintains processes, procedures, and expectations for the team’s support responsibilities.
• Ensures that the appropriate support documentation exists. 
• Leads team through high severity cybersecurity incidents.
  
  

We'd love to hear from people with...

Basic Qualifications

• 8+ years of experience working in an information technology / information security discipline
• 4+ years of experience leading cybersecurity incident response
• 3+ years of experience leading and developing highly performing teams
• Deep technical understanding of modern cybersecurity threats.
• Leads threat hunting for threat actor TTPs based on MITRE ATT&CK framework
• Quickly assimilates new technology concepts.
• Exceptional communication skills with both technical and non-technical audiences.
• Comprehends and applies understanding of compliance and regulatory requirements such as SOX and PCI.
• Can adeptly juggle multiple priorities to meet deadlines.
• Promotes a strong collaboration mindset
• Excellent problem-solving abilities.
• Demonstrates passion about cybersecurity and drives self to become an expert.
• Acts with integrity and dependability
• Proven ability to thrive in ambiguity
  
  

Preferred Qualifications

• Certifications such as CISSP, GCIH, OSCP, or others focused on cybersecurity, incident response, or threat actor techniques.
  
  

As a Starbucks partner, you (and your family) will have access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits. Partners have access to short-term and long-term disability, paid parental leave, family expansion reimbursement, paid vacation from date of hire*, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year. Starbucks also offers eligible partners participation in a 401(k) retirement plan with employer match, a discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools. Additionally, Starbucks offers 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan, student loan management resources, and access to other educational opportunities. You will also have access to backup care and DACA reimbursement. Starbucks will comply with any applicable state and local laws regarding employee leave benefits, including, but not limited to providing time off pursuant to the Colorado Healthy Families and Workplaces Act, and in accordance with its plans and policies. This list is subject to change depending on collective bargaining in locations where partners have a certified bargaining representative. For additional information regarding partner perks and more detailed information about benefits, go to starbucksbenefits.com.

• If you are working in CA, CO, IL, LA, ME, MA, NE, ND or RI, you will accrue vacation up to a maximum of 120 hours (190 in CA) for roles below director and 200 hours (316 in CA) for roles at director or above. For roles in other states, you will be granted vacation time starting at 120 hours annually for roles below director and 200 hours annually for roles director and above.
  
  

The actual base pay offered to the successful candidate will be based on multiple factors, including but not limited to job-related knowledge/skills, experience, geographical location, and internal equity. At Starbucks, it is not typical for an individual to be hired at the high end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate.

If you live in the greater Seattle area, we offer a flexible workplace that allows for hybrid work. Partners can work remotely up to two days per week.

Join us and inspire with every cup. Apply today!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, physical or mental disability, sexual orientation, marital status, military or veteran status, gender identity and expression, genetic information, or any other factor protected by law.

We are committed to creating a diverse and welcoming workplace that includes partners with diverse backgrounds and experiences. We believe that enables us to better meet our mission and values while serving customers throughout our global communities. People of color, women, LGBTQIA+, veterans and persons with disabilities are encouraged to apply.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal state and local ordinances. Starbucks Corporation is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at applicantaccommodation.