Senior cybersecurity architect - cloud focus

At Starbucks, we are on a mission to cultivate a unique connection around coffee and celebrate the rich traditions it embodies. Our team is dedicated to inspiring extraordinary leadership while prioritizing service to others. We seek a Senior Security Architect to contribute to our success by protecting our information and system assets. This role involves delivering security architecture expertise and best practices across intricate multi-cloud and multi-partner environments. As a crucial member of our Global Cybersecurity Services (GCS) organization, you will help build trust in our brand by ensuring the confidentiality, integrity, and availability of every interaction with our partners, customers, and suppliers. Along with a supportive team atmosphere, we offer extensive benefits including health insurance, retirement plans, tuition assistance, and opportunities for personal development. We believe in a collaborative work environment, which is why we have an onsite presence four days a week.

- Minimum of 7+ years in a cybersecurity-related field.
- Preferred 3 years of demonstrated experience specifically in cybersecurity, with at least a total of 7 years in information technology or a comparable field.
- Comprehensive knowledge of cybersecurity frameworks (e.g., NIST, ISO, CSA), policies, design principles, practices, and enabling tools.
- Experience with formal risk assessment documentation.
- Proficient in threat modeling.
- Familiarity with public cloud services (AWS, Azure, GCP, etc.) and serverless/containerized environments.
- Understanding of encryption, authentication/authorization, API security, and best practices for handling secrets.
- Knowledge of Infrastructure as Code (IaC) and relevant technologies.
- Awareness of general security threats, attack vectors, and vulnerabilities, with the ability to serve as a Subject Matter Expert (SME) in threat modeling.
- Experience with architecture tools, patterns, serverless ecosystems, and pipeline security.
- Strong critical and logical thinking skills to prioritize impactful tasks for overall security posture and risk management.
- Excellent written and verbal communication abilities.
- Capacity to establish collaborative relationships with both business and technology partners.
- Proven ability to thrive in a challenging, dynamic, and fast-paced environment with minimal supervision, excelling in both independent and collaborative settings.
- Certifications such as CISSP, CISM, CIPM, or others centered on information security, data privacy, or information risk management are preferred.

- Ensure the implementation of a top-tier cybersecurity program.
- Create reference architectures to address common requirements and mitigate security findings in a reproducible manner, adhering to identified best practices.
- Lead threat modeling initiatives and collaborate with technical delivery teams to incorporate security requirements into solutions.
- Conduct security architecture reviews for platforms and applications in complex multi-tenant, multi-provider, and vendor-cloud settings.
- Provide advisory services and support to technical teams during the design of solutions.
- Motivate and guide stakeholders to achieve results—collaborate with engineering and delivery teams to facilitate strategic platform initiatives.
- Proactively oversee and maintain momentum during architecture reviews, promptly addressing critical issues that might elevate risk.
- Take responsibility for the quality and successful completion of tasks—ensure assessments are documented and performed thoroughly to yield consistent, timely, and high-quality deliverables. Continuously develop and maintain technical expertise and relevant certifications for core products and solution areas.
- Thrive in a vibrant, enjoyable team environment and skillfully advance business objectives while adhering to our guiding principles and values.