Lead Cybersecurity Engineer

Dutch Bros. Coffee•Tempe, AZ

77d•Hybrid

About The Position

We're looking for a Lead Cybersecurity Engineer to drive the design, implementation, and automation of advanced security controls across our enterprise. This role will help shape our Zero Trust and Secure Service Edge (SSE) strategy, partner closely with software and infrastructure teams, and ensure our technology environment remains resilient, scalable, and secure. The ideal candidate combines deep hands-on technical expertise with strong problem-solving skills and a passion for continuous improvement. You'll work at the intersection of security engineering, cloud architecture, and automation to help us stay ahead of evolving threats.

Requirements

6+ years of hands-on experience in security engineering roles
1+ year of hands-on experience in software engineering.
Strong understanding of security principles, software development, IAM, networking, and application security.
Extensive hands-on experience with: Zero Trust methodologies and SSE platforms (Cloudflare, Cisco, Microsoft, Palo Alto Networks)
Python, REST APIs, and data formats (JSON, CSV, XML)
Security automation (SOAR, CI/CD, IaC)
Azure and AWS environments
IAM/PIM solutions (Entra ID, CyberArk, Okta, Auth0
Linux and Windows administration
SIEM platforms (Microsoft Sentinel, Splunk, Rapid7)
Vulnerability Management platforms (Qualys, Rapid7, Tenable)
Strong problem-solving, communication, and documentation skills.
Proven ability to collaborate with cross-functional technical teams.

Nice To Haves

Experience with: DevOps methodologies and principles
Next-Generation Firewalls (Palo Alto, Fortinet, Sophos, Checkpoint)
Compliance frameworks (PCI DSS, SOX, NIST, CIS 18)
EDR platforms (Microsoft, CrowdStrike, SentinelOne)
DLP solutions (Microsoft Purview, Symantec, Trellix)
Large Language Models (LLMs) and prompt engineering concepts
CISSP, CCSP, OSCP
AWS Certified Solutions Architect - Associate
AWS Certified Security - Specialty
Microsoft Certified: Azure Security Engineer Associate
CCNA
HashiCorp Certified: Terraform Associate

Responsibilities

Design, implement, and maintain enterprise-grade security solutions aligned with Zero Trust and SSE principles.
Lead development and automation of security controls using Python, REST APIs, and modern DevOps pipelines (CI/CD, IaC, SOAR).
Engineer integrations between security platforms, infrastructure, and applications to improve visibility, detection, and response capabilities.
Collaborate with cross-functional teams (infrastructure, software, IAM, DevOps) to embed security into architecture and development workflows.
Manage and optimize SIEM, EDR, Vulnerability Management, and DLP platforms.
Support configuration and governance of IAM and PIM platforms (Entra ID, Okta, CyberArk, Auth0).
Provide technical leadership in evaluating, deploying, and tuning Zero Trust and SSE platforms (Cloudflare, Cisco, Microsoft, Palo Alto Networks).
Drive continuous improvement in automation, detection engineering, and response playbooks.
Contribute to compliance initiatives (PCI DSS, SOX, NIST, CIS 18) through engineering, documentation, and evidence collection.
Research and prototype the use of Large Language Models (LLMs) and prompt engineering for cybersecurity automation and analysis.
Mentor junior engineers and contribute to security standards, processes, and technical documentation.