Logo
Starbucks

information security, security architect

Starbucks, Seattle, Washington, us, 98127


information security, Security Architect

Now Brewing – information security, security architect! #tobeapartner

From the beginning, Starbucks set out to be a different kind of company. One that not only

celebrated coffee and the rich tradition, but that also brought a feeling of connection. At Starbucks, our mission is to inspire and nurture the limitless possibilities of human connection – one person, one cup, and one neighborhood at a time. We are known for developing extraordinary leaders who share this passion and are guided by their service to others. Starbucks technologists work to achieve this mission with innovative technology delivered to our partners, customers, stores, roasters, and global communities.

This role contributes to Starbucks success by safeguarding information and system assets against unauthorized use, disclosure, modification, damage, or loss. Security Architecture provides services to protect the value and use of information through collaboration, standardization, enforcement, and education across the Company. Security Architecture uses risk frameworks and methodologies to assess technology risk, evaluate technology providers, review trends, threats, and solutions. Assessments are used to inform decision making, establish, and interpret cybersecurity policies and standards, and provide implementation guidance to manage risk.

This role will deliver security architecture expertise, and best practices oversight across complex multi-cloud, multi-vendor environments. It entails deep-level architecture reviews, crafting advisory and design reference architectures and secure design patterns. The end goal drives Starbucks Technology into compliance with standards, policies, and applicable regulations globally.

At the Cybersecurity Architect level, work is primarily focused on specific project-based engagements.

Models and acts in accordance with Starbucks guiding principles.

As an information security, security architect, you will…

Ensure delivery of a world class cybersecurity program.

Develop reference architectures that can be used to solve common requirements or mitigate trends in security findings in a repeatable way following (and identifying) recommended best practices.

Lead threat modeling and partner with technical delivery teams to integrate security requirements and practices into solutions.

Drive security architecture reviews of platforms & applications in complex multi-tenant, multi-provider, and vendor-cloud environments.

Provide consultative services and guidance for technology teams during technical design of solutions.

Utilize risk frameworks and methodologies to document and provide implementation guidance to application and business teams.

Create exceptional quality documentation for all security architecture design and analysis work.

Support the Starbucks technology community and champion Starbucks Cybersecurity principles globally.

Inspire and influence others to achieve results – Partner with the tech builder and delivery teams to follow progress on strategic platform initiatives. Proactively manage oversight and pace for the architecture reviews, and promptly address any critical issues that may create risk.

Be accountable for the quality and successful outcome of the work – Ensure assessments are known, documented, and properly performed to produce consistent, timely, high-quality deliverables. Develop and maintain technical proficiency and related certifications for core products and solution areas.

Enjoy working on an energetic, fun team and have a clear ability to drive the business forward as part of a highly collaborative team, while acting in accordance with Starbucks guiding principles and values.

We’d love to hear from people with:

Minimum of 7+ years working in cybersecurity related field.

We prefer 3 years demonstrated experience in cybersecurity and a total minimum of 7 years in information technology or related field.

Architecture experience - 1 year

Business process and system design - 5 years

Financial analysis & business planning - 3 years

Technical Proof of Concepts - 2 years

Functional and Systems modeling - 3 years

Demonstrated knowledge of:

cybersecurity frameworks (e.g., NIST, ISO, CSA), policies, design principles, practices and enabling tools.

public cloud services (AWS, Azure, GCP, etc.) and serverless and containerized environments.

encryption, authentication/authorization, API security, secrets best practices.

IaC (Infrastructure as Code) and supporting technologies (Cloud Formation, Terraform, etc.).

general security threats, attack vectors, and vulnerabilities - ability to act as SME on threat modeling.

architecture tools, patterns, serverless ecosystems, pipeline security.

Ability to analyze problems related to security architecture tools and provide improvements for enhancing development processes and mitigating risks.

Able to use critical and logical thinking to prioritize work that drives the most impact to overall security posture and risk management.

Strong written and verbal communication skills.

Ability to establish cross-functional, collaborative relationships with business and technology partners.

Demonstrated ability to work in a challenging, dynamic, and fast-paced environment with limited supervision. Candidate should be able to succeed in both independent and collaborative work scenarios.

Certifications such as CISSP, CISM, CIPM or others focused on information security, data privacy or information risk management are desired.

From free coffee to competitive pay, Starbucks is proud to offer a comprehensive compensation and benefits package to our eligible part-time and full-time partners. Benefits include 100% tuition coverage through our Starbucks College Achievement Plan, health coverage with a variety of plans to choose from, and stock & savings programs like our equity reward program, Bean Stock. What’s more, Starbucks offers flexible scheduling and opportunities for paid time off. Visit starbucksbenefits.com for details.

If you live in the greater Seattle area, we offer a flexible workplace that allows for hybrid work. Partners can work remotely up to two days per week.

Join us and inspire with every cup. Apply today!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

We are committed to creating a diverse and welcoming workplace that includes partners with diverse backgrounds and experiences. We believe that enables us to better meet our mission and values while serving customers throughout our global communities. People of color, women, LGBTQIA+, veterans and persons with disabilities are encouraged to apply.

Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal state and local ordinances. Starbucks Corporation is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at 206-318-0660 or via email at applicantaccommodation@starbucks.com.