Full Job Description
***Location flexible, open to remote work location within the United States***
This position contributes to Starbucks success by leading the Cybersecurity Reliability & Engineering team through design, development, deployment, monitoring and alerting of security services. As a Lead Information Security Engineer, you will be responsible for ensuring that the Security Engineering Team remains current on industry trends in both security solutions and threats. This role will also guide the team through deployments, ensuring that security is applied to the technology platforms and information within the organization in accordance with established standards and policies with reliability and resiliency kept top-of-mind. Models and acts in accordance with Starbucks guiding principles.
Summary of Key Responsibilities:
Responsibilities and essential job functions include but are not limited to the following:
Driving an “SRE” mindset within the team; focus on building resilient security platforms/services with strong monitoring and alerting, and encouraging automation for operational processes and orchestrating workflows.
Provides direction for building security program fundamentals across the OSI model and acts as a consultative partner with Global IT and Business teams.
Provides technical leadership for development, planning and implementation of a variety of platforms including SEIMs, IDS/IPS, firewalls, WAFs, anti-malware, EDR, Encryption/HSMs, DDOS services, configuration management, vulnerability scanning, penetration testing, PKI, CASB, DLP, and more.
Partners with Security Architecture and Global Technology teams to ensure platform goals and security solutions are aligned with the business strategy and needs.
Reviews threat intelligence reports and feeds, designs remediation for profile or toolset changes based on reviews.
Scopes, documents and provides program oversight and performs penetration testing activities when needed.
Ensures security controls are designed, built and configured to meet compliance requirements (SOX and PCI, etc.), as well as internal controls
Participate as a key member for security incident response activities.
Ensures documentation for managed platforms/services are detailed, thorough, and kept up to date.
Trains and mentors security engineering team members.
Summary of Experience
Direct Experience in Information Security
Experience in the following technologies – SEIMs, WAFs, IDS/IPS, anti-malware, EDR, secure cloud access, vulnerability scanning platforms, FIM, DLP, and encryption.
Direct experience with incident response and remediation.
Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, CloudFormation, Terraform, Ansible) preferred.
Leadership experience a plus.
CISSP, GIAC, CISM certifications preferred.
Required Knowledge, Skills and Abilities
Ability to apply knowledge of multidisciplinary business principles and practices to achieve successful outcomes in cross-functional projects and activities.
Understanding of compliance and regulatory requirements such as SOX and PCI.
Highly organized, can multitask and meet aggressive deadlines, and is a team-player and team-builder who can make meaningful and long-lasting connections with others.
Ability to respond and remediate incidents.
Ability to work within large collaborative organizations.
Knowledge of and ability to apply process improvement principles.
Strong written, verbal and active listening skills.
Models and acts in accordance with Starbucks guiding principles.
Ability to foster effectiveness during changes in tasks, work environment or conditions affecting the organization.
Strong analytical and problem-solving skills.
Starbucks and its brands are an equal opportunity employer of all qualified individuals.
We are committed to creating a diverse and welcoming workplace that includes partners with diverse backgrounds and experiences. We believe that enables us to better meet our mission and values while serving customers throughout our global communities. People of color, women, LGBTQIA+, veterans and persons with disabilities are encouraged to apply.
Qualified applicants with criminal histories will be considered for employment in a manner consistent with all federal state and local ordinances. Starbucks Corporation is committed to offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability, please contact us at 206-318-0660 or via email at firstname.lastname@example.org