Starbucks Global Cyber Security Group is responsible for engineering and designing Identity, Privileged Access, and Directory Service systems to meet business requirement, goals and objectives encompassing a wide range of technologies that are in accordance with Starbucks Strategy & Architecture standards and guidelines.
This position contributes to Starbucks success by leading the Engineering team through design, development, and ownership of critical services. As a senior information security engineer, you will be responsible for guiding the team through deployments and project deliverables, proactively finding opportunities to improve identity services and mentor junior engineers in the areas of development, implementation, and optimization of innovative solutions and operational excellence for existing solutions.
This role will serve as a technical subject matter expert in Identity and Access Management technologies for a global enterprise. The individual must be a motivated team player with a positive attitude, solid interpersonal skills and someone who can quickly take ownership within their area. The individual must be hands-on, work under minimal supervision and can work in a fast-paced global environment.
Models and acts in accordance with Starbucks guiding principles.
As an information security engineer senior, identity management, you will…
- Provides technical leadership to ensures solutions are stable, secure, and compliant with company standards and policies.
- Creates short- and long-range plans for lifecycle and capacity management for Azure Cloud services, PKI (ADCS), and centralized Identity Authorization technologies.
- Collaborates with technology vendors to deliver against business objectives.
- Advises on Operational IT Management areas of Change Management, Release Management, Incident Management, and Problem Management
- Communicates clearly and concisely, both orally and in writing
- Demonstrated ability to work successfully in a fast-paced and cross-functional team environment.
- Ability to establish cross-functional, collaborative relationships with business and technology partners.
We’d love to hear from people with…
REQUIRED KNOWLEDGE
- BS degree in Information Technology, Computer Science, or equivalent experience
- 8+ years of experience in designing and developing identity solutions for large enterprise
- 8+ years of hands-on experience at large enterprise in 2 or more of the following areas:
- Privileged Access Management solutions (CyberArk for example)
- Directory Services (cloud and on-premise)
- Certificate Management solutions (PKI)
- Working knowledge of software development and at least one of the programming/scripting languages (C#, Python, PowerShell, etc.)
- 5+ years of experience with cloud identity solutions
- Advanced understanding of Identity standards and protocols like LDAP, SAML, WS-*, OpenID Connect, PBAC, ABAC, RBAC, principles of least privilege, and ability to implement them in an enterprise environment
- Advanced problem-solving abilities
- Demonstrated ability to automate repetitive tasks using a DevOps approach
- Familiarity with various IT / Security technologies including DNS, DHCP, MS Exchange, Firewalls, VPN Gateways, IPS, Proxy, Endpoint Security, Vulnerability Management, SIEM, etc.
PREFERRED QUALIFICATIONS
- Certifications such as CISSP, CISM, CISA, or others focused on cybersecurity, data privacy or IAM
- Knowledge and understanding of relevant legal and regulatory requirements, such as SOX, PCI, HIPAA, etc.
- Experience with Privileged Access Maturity model concepts
- Working knowledge of software development principles and design patterns
- Hands-on experience creating and managing GitHub repositories
- CI/CD experience with Azure and related cloud application infrastructure is a plus
- DevOps related tools and technologies (JIRA, Confluence, Bitbucket, Jenkins, Ansible, Puppet, Coverity, etc.)
- Strong written and verbal communication skills
- Familiar with architecture design tools and creation/design of service-oriented architectures
SUMMARY OF EXPERIENCE
- Expert engineering knowledge in the area of Identity and Access Management
- Experience with Privileged Access Management and Directory Services
- Experience implementing and managing cloud-based services
- Experience with diagnosing and troubleshooting system problems in a complex, heterogeneous systems environment
- Experience with software engineering and/or system administration
- Experience with “DevOps”/Agile
- Experience with building and maintaining large enterprise Identity & Access Management deployments
- Experience with leading product evaluations, planning, gathering requirements, testing, recommending, and implementing solutions
As a Starbucks partner, you (and your family) will have access to medical, dental, vision, basic and supplemental life insurance, and other voluntary insurance benefits. Partners have access to short-term and long-term disability, paid parental leave, family expansion reimbursement, paid vacation from date of hire*, sick time (accrued at 1 hour for every 25 hours worked), eight paid holidays, and two personal days per year. Starbucks also offers eligible partners participation in a 401(k) retirement plan with employer match, a discounted company stock program (S.I.P.), Starbucks equity program (Bean Stock), incentivized emergency savings, and financial well-being tools. Additionally, Starbucks offers 100% upfront tuition coverage for a first-time bachelor’s degree through Arizona State University’s online program via the Starbucks College Achievement Plan, student loan management resources, and access to other educational opportunities. You will also have access to backup care and DACA reimbursement. Starbucks will comply with any applicable state and local laws regarding employee leave benefits, including, but not limited to providing time off pursuant to the Colorado Healthy Families and Workplaces Act, and in accordance with its plans and policies. This list is subject to change depending on collective bargaining in locations where partners have a certified bargaining representative. For additional information regarding partner perks and more detailed information about benefits, go to starbucksbenefits.com.
*If you are working in CA, CO, IL, LA, ME, MA, NE, ND or RI, you will accrue vacation up to a maximum of 120 hours (190 in CA) for roles below director and 200 hours (316 in CA) for roles at director or above. For roles in other states, you will be granted vacation time starting at 120 hours annually for roles below director and 200 hours annually for roles director and above.
The actual base pay offered to the successful candidate will be based on multiple factors, including but not limited to job-related knowledge/skills, experience, geographical location, and internal equity. At Starbucks, it is not typical for an individual to be hired at the high end of the range for their role, and compensation decisions are dependent upon the facts and circumstances of each position and candidate.
If you live in the greater Seattle area, we offer a flexible workplace that allows for hybrid work. Partners can work remotely up to two days per week.
Join us and inspire with every cup. Apply today!
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, physical or mental disability, sexual orientation, marital status, military or veteran status, gender identity and expression, genetic information, or any other factor protected by law.
We are committed to creating a diverse and welcoming workplace that includes partners with diverse backgrounds and experiences. We believe that enables us to better meet our mission and values while serving customers throughout our global communities. People of color, women, LGBTQIA+, veterans and persons with disabilities are encouraged to apply.
To apply for this job please visit itjobpro.com.