Senior Cybersecurity Engineer

It's fun to work in a company where people truly believe in what they are doing. At Dutch Bros Coffee, we are more than just a coffee company. We are a fun-loving, mind-blowing company that makes a difference one cup at a time.

Position Overview:

We're looking for a Lead Cybersecurity Engineer to drive the design, implementation, and automation of advanced security controls across our enterprise. This role will help shape our Zero Trust and Secure Service Edge (SSE) strategy, partner closely with software and infrastructure teams, and ensure our technology environment remains resilient, scalable, and secure.

The ideal candidate combines deep hands-on technical expertise with strong problem-solving skills and a passion for continuous improvement. You'll work at the intersection of security engineering, cloud architecture, and automation to help us stay ahead of evolving threats.

• Design, implement, and maintain enterprise-grade security solutions aligned with Zero Trust and SSE principles .
• Lead development and automation of security controls using Python , REST APIs , and modern Dev Ops pipelines (CI/CD, IaC, SOAR).
• Engineer integrations between security platforms, infrastructure, and applications to improve visibility, detection, and response capabilities.
• Collaborate with cross-functional teams (infrastructure, software, IAM, Dev Ops) to embed security into architecture and development workflows.
• Manage and optimize SIEM , EDR , Vulnerability Management , and DLP platforms.
• Support configuration and governance of IAM and PIM platforms (Entra , Okta, Cyber Ark, Auth0).
• Provide technical leadership in evaluating, deploying, and tuning Zero Trust and SSE platforms (Cloudflare, Cisco, Microsoft, Palo Alto Networks).
• Drive continuous improvement in automation, detection engineering, and response playbooks.
• Contribute to compliance initiatives (PCI DSS, SOX, NIST, CIS 18) through engineering, documentation, and evidence collection.
• Research and prototype the use of Large Language Models (LLMs) and prompt engineering for cybersecurity automation and analysis.
• Mentor junior engineers and contribute to security standards, processes, and technical documentation.

Job Qualifications:

• 6+ years of hands-on experience in security engineering roles
• 1+ year of hands-on experience in software engineering.
• Strong understanding of security principles , software development , IAM , networking , and application security .

• Extensive hands-on experience with:
  • Zero Trust methodologies and SSE platforms (Cloudflare, Cisco, Microsoft, Palo Alto Networks)
  • Python , REST APIs, and data formats (JSON, CSV, XML)
  • Security automation (SOAR, CI/CD, IaC)
  • Azure and AWS environments
  • IAM/PIM solutions (Entra , Cyber Ark, Okta, Auth0
  • Linux and Windows administration
  • SIEM platforms (Microsoft Sentinel, Splunk, Rapid7)
  • Vulnerability Management platforms (Qualys, Rapid7, Tenable)
• Experience with:
  • Dev Ops methodologies and principles
  • Next-Generation Firewalls (Palo Alto, Fortinet, Sophos, Checkpoint)
  • Compliance frameworks (PCI DSS, SOX, NIST, CIS 18)
  • EDR platforms (Microsoft, Crowd Strike, Sentinel One)
  • DLP solutions (Microsoft Purview, Symantec, Trellix)
  • Large Language Models (LLMs) and prompt engineering concepts
• Strong problem-solving , communication , and documentation skills.
• Proven ability to collaborate with cross-functional technical teams.

Certifications

• Preferred / Highly Desired:
  • CISSP, CCSP, OSCP
  • AWS Certified Solutions Architect - Associate
  • AWS Certified Security - Specialty
  • Microsoft Certified:
    Azure Security Engineer Associate
  • CCNA
  • Hashi Corp Certified:
    Terraform Associate

Location Requirement:

This role is located in Tempe, Arizona. This position is required to be in office 4 days per week (Mon-Thurs);
Fridays are optional remote work days.

Key Result Areas (KRAs):

Secure Access Service Edge (SASE) Implementation & Optimization

Objective:
Establish a unified, cloud-delivered security and networking architecture to protect users, devices, and applications across our HQ and Shops:

• Design and deploy SASE components (SWG, CASB, ZTNA, SD-WAN) achieving 95% policy enforcement consistency across locations and devices.
• Migrate 80% of remote user traffic through SASE. Deprecate VPN models
• Achieve centralized policy visibility and reporting for all edge traffic through a single management console (e.g., Cloudflare, Palo Alto, Cisco).

Microsoft Security Ecosystem Integration

Objective:
Maximize protection and ROI from the Microsoft 365 E5 and Entra security stack:

• Achieve 90% coverage of Conditional Access and PIM enforcement across Entra
• Deploy Microsoft Defender suite (Endpoint, Cloud Apps, Identity) to 95% of eligible assets.
• Integrate Sentinel SIEM with all major data sources (SASE, EDR, IAM, vulnerability management) for unified threat detection.
• Reduce mean time to detect (MTTD) and respond (MTTR) to incidents by 30% through automation and correlation within Sentinel.

Security Automation and AI-driven Operations

Objective:
Leverage AI and automation to streamline detection, response, and…