Staff Engineer - Cybersecurity

Dutch Bros Coffee is a fun-loving coffee company that makes a difference one cup at a time. The Staff Engineer - Cybersecurity will design architectures that make security the default for engineering teams, ensuring secure scaling without sacrificing velocity while leading the implementation of the Microsoft security ecosystem and enhancing the organization’s security culture.

Responsibilities:

• Partner with Identity and Endpoint teams to drive ≥ 90% coverage of Conditional Access and PIM enforcement
• Guide the deployment strategy for Microsoft Defender capabilities to reach ≥ 95% of eligible assets
• Oversee the architectural integration of Sentinel with core telemetry sources to enable high-fidelity detection and response coordination
• Champion automation initiatives to reduce mean time to detect (MTTD) and respond (MTTR) by ≥ 30% through improved correlation and playbook design
• Lead the design of SOAR workflows to automate ≥ 60% of repetitive tasks, partnering with SecOps for implementation
• Drive the strategy for improving signal-to-noise ratio by guiding the tuning of detections based on threat trends
• Define and guide the adoption of policy-as-code guardrails for cloud and on-premises infrastructure
• Drive the strategy for hybrid telemetry integration and posture monitoring to enable faster risk identification
• Partner with engineering and infrastructure teams to prioritize and track the remediation of high-risk misconfigurations and vulnerabilities
• Champion the adoption of security engineering standards, reference architectures, and implementation patterns across teams
• Represent security in architectural decision-making as a trusted technical authority, influencing major technology initiatives
• Mentor engineers and elevate team capabilities through coaching, design reviews, and sharing operational best practices

Requirements:

• 7+ years of hands-on experience in security engineering roles
• 2+ years of hands-on experience in software engineering
• Strong understanding of security principles, software development, IAM, networking, and application security
• Demonstrated ability to influence technical direction across teams and mentor other engineers
• Strong problem-solving, communication, and documentation skills
• Proven ability to collaborate with and influence cross-functional technical teams
• DevOps methodologies and principles (CI/CD pipelines, Infrastructure as Code, GitOps)
• Vulnerability Management platforms (Qualys, Rapid7 InsightVM, Tenable)
• EDR platforms (Microsoft Defender for Endpoint, CrowdStrike, SentinelOne)
• Compliance frameworks (PCI DSS, SOX, NIST, CIS 18)
• DLP solutions (Microsoft Purview, Symantec, Trellix)
• Large Language Models (LLMs) and prompt engineering applied to security workflows
• Extensive hands-on experience with Microsoft security platforms (Sentinel, Defender, Entra ID, Purview)
• Extensive hands-on experience with SIEM platforms (Microsoft Sentinel, Splunk, Rapid7) including detection engineering and analytics rule development
• Extensive hands-on experience with security automation (SOAR, CI/CD, IaC) and building automated response playbooks
• Extensive hands-on experience with Python, REST APIs, and data formats (JSON, CSV, XML)
• Extensive hands-on experience with Azure and AWS cloud environments, including cloud-native security controls
• Extensive hands-on experience with Linux and Windows administration
• ISC(2): CISSP, CISM, CCSP
• AWS Certified: Security – Specialty, Solutions Architect Associate
• Microsoft Certified: Azure Security Engineer Associate, Identity and Access Administrator Associate, Security Operations Analyst Associate
• Cisco Certified: CCNA, CCNP
• HashiCorp Certified: Terraform Associate
• Offensive Security: OSCP, OSCE